purchasing new machines. probably not the way you want to go about it. >> 42% of you have lost information to hackers. 27% say you have not, and 31% say don't know. if you were to look at the stats, what would you make of -- 27% and that 31%. >> those of you saying no need to get with your i.t. and security staff. guessing who is in this room, not everyone in the room is necessarily a target of espionage. but then again, knowing who is in the room, i'm guessing that many of you are. if you do anything interesting and you have data that reflects what you do, you're a target. if you're doing a negotiation in china, if you're doing a joint

venture, if you're going to acquire a company in china, if china is going to acquire one of your companies, any one of those situations. they have stolen your data, they know the negotiations, they are sitting there with your plan translated. i'm hearing people say yes. this is the new reality of dealing with that sort of adversary. it is part of their business process, it is part of their due diligence when they are doing a deal. >> when you're across the table with someone who seems well prepared it is because they are. if you could give us a response to this. have you been contacted by law enforcement about an intrusion into your network? have you been contacted by law enforcement? michael let's turn to you while we're waiting for people to

answer this. a lot has been proposed by congress. mashing of d of teeth over there. they get this. a lot has been proposed in congress but there has been a fair number of speed bumps of this. that is part of the result or the reason for an executive order. can you quickly walk us through where the legislation stands and what the executive order does. >> sure. the first point i will make is the fact that it is taking a while to get to legislation that can pass both the house and the senate and the president can sign, shouldn't come to a big sur price. this is a hard -- surprise. >> it's a criticalish few for ur -- issue for our society. i actually think the fact that

we're having a good, healthy debate about this issue in congress and the right way to solve the problem is a good thing for us. i think it will produce better legislation in the long run. i will much rather do it this way, through this process, than the immediate aftermath of a crisis, which does not tend to result in the best legislation. >> you can argue that we're already in the crisis. >> yes, but i'm thinking of something more destructive in result. what i would say is you've seen the house has passed a version of its information sharing bill, which usually goes by the acronym of fsspa. the senate is in its own version of that bill. there's other security bills floating around the house and the gnat homeland committee. the commerce committee has a

bill and there's several others from the armed service committee in various forms. what you see right now is there is a great deal of movement in the legislative front. what happened last year and what led to the executive order is that the legislation stalled out, particularly in the senate. they put together a very large bill, which ultimately couldn't get over the process hurdles in the senate. what the administration decided to do was what it could under the executive order, which if president signed the day of the state of the union back in february. the executive order is focused on doing three things. one it's focused on driving federal agencies to do a better job in pushing information out to the private sector. increasing the volume and the timely of information that we share with the private sector. the second thing it does is it

brings in the civil liberties protections based on the principles and phase those into all the processes that the federal government is using in the cyber security area. lastly, it directed the institution and standard of technology to lead an effort to develop a framework of best practices and standards in cyber security. in particular, we can apply to critical infrastructure. in our minds the framework would be useable by almost any company. to raise the level of skibe security across the board. it would not deal with all the threats that richard was talking about. >> it's a pseudoname for china, russia. >> whether it is state sponsored or -- there's some cyber

criminal organizations that rival countries with their technical capabilities. we want to raise that base line level of cyber security, particularly our critical infrastructure across the board and that is what the executive order is aimed at doing. now that we have the executive order signed and we're about just over few months of implementation we're back working with congress to get this over the finish line. >> this would be voluntary. what are the insensitives or penalties for a company running what is defined as a critical infrastructure to partake in this? >> so that is one of the things we're talking to congress about in the legislation that you see. some of what is out there is a discussion of what the incentives would be to encourage the uptake in the framework. one of the things that we would

ove to see is a development of market in this space. one of the problems is that there's not enough data to do the underwriting to enable an insurance market to thrive at the level we would want. if you can encourage some of that to develop, that would be useful. that is something that there's a whole series of reports on incentives due to the president that were turned in. we'll make public the first part of july. >> if i'm a company anne i'm sharing information with you about my customers that you need to have as the government or as a third-party organization, i'm -- the liability issues. >> yes, where the administration is we're very clear that we support targeting liability protection, particularly with sharing information back to the government.

one of the things i have clearly learned that the more we have dug into the issue the more and more complicated it gets. being able to translate the principles that i think almost everyone greece with and translating into that into statutory text that the lawyers say it is working, that is something we're spending time on. >> have you been contacted by law enforcement? 34% say yes. we kept you busy today. 66% of you have not checked your voicemail, i suspect. 56% say no you have not been contacted by enforcement regarding intrusion. what is critical snusht? where do you draw the lines? is it dams, food services? >> that is an interesting question. we largely work off of what the

department of homeland security has defined in the protection plan as critical infrastructure. there's about 16 different sectors that include things such as electricity, oil, natural gas, transportation, health care , water supply is part of it. i think there are varying degrees of concern and risk but that is largely the universe we focus on. >> so you're advising companies, richard. does this plan, this legislation, these initiative business government do, from the stand point of private companies that seek your companies advice and your advice and similar services, does this plan make sense? >> the companies we talk to they are concerned about liability protection. there's generally no upside to reveal that you've had an

intrusion. there's differing thoughts on what is material if you're a publicly traded company enyou have f.c.c. requirements to report to your shareholders. we find that companies -- give you an example. only a few organizations have come forward to say they have had a severe intrukes from china and places like that. google, new york times, it is very, very rare. when you hear about an intrusion because personal information was stolen an the company is trying to comply with the 47 different state laws. >> right. >> there's some desire, i think for some type of overall legislation that would allow for one reporting standard. just to give you an example. the state of south carolina, their reporting costs to tell their citizens they had lost

data was $12 million. that was well, well above the cost of responding to the instrution. instrution. e -- >> so security was breached and there was with requirements to make it public on whose data was breached? >> $12 million to exspearns for a credit bureaus to do credit monitoring for so many years so that was the bulk of the costs. of course, as a state, they had probably less -- it is not like amazon was breached and has customers all over the world. but still, that is a significant chunk. we would like to see something long the lines liability protection, easier way to share information. those are the things we hear from our customers.

>> where is the government's responsibility end and businesses begin? what is the -- you know, what is being breached here? what are the borders? the u.s. protects its physical borders. is the u.s. responsible -- is the government responsible for protecting these new cyber borders or is that business? >> that is the fundamental question we're trying to answer in society right now. what is the government's role in cyber security? what is businesses role in cyber security? in cyber space, a lot of people talk about it like it is some sort of, like, a dimension not connected to the physical world. but all of those box, servers, wires, they exist somewhere. they exist in someone's country. they are on territory somewhere. that means that cyber space is connected to our physical geography.

so geography matters. you cannot map the rules of physical rehm into cyber space. i think you can make a credible argument that there is no such thing as security. everyone lives at the border. you all live at the border, every single one of us, in your personal lives or corporate lives. it is physically impossible to assign the role of border security to the federal government like we do in the physical realm. it has to be a shared responsible between the government and companies and individuals. i think trying to work out the burdens of the responsibility that is what we're trying to do right now. one model we talk a lot about is, because of that should we think more about the federal government's role in cyber space as one as disaster management? in the physical realm, the government runs the national weather service.

we collect information from weather stations to generate a weather map so citizens and companies can know if a bad storm is coming. one of the roles you can foresee is provide that kind of service in cyber space to provide that indication and warnings of what is happening out in cyber space. and then, to extend that model further, if you have an event that overwhelms local capacity, that is when the federal government would step in. just like not every storm in the physical world facilitates a federal response. but if it gets large enough and bad enough that's when the federal government steps in. that's one model. i don't know if that is something that everyone prescribes and believes in. but that is the kind of discussion we need to have. >> privacy is a big part of this

discussion. how much citizens are willing to allow private companies to share with the government and the government to share with private companies because the sharing has to go both ways. that is far from being resolved. are the disclosures that we've been watching over the last couple of weeks about n.s.a. activity, is that informing that debate? it seems there has been sequestrations on the fact of the n.s.a. that have resolved some of these sticky questions. >> i think it does highlight the fact that this is an ongoing issue with all of this information. the administration has had a strong stance from the very beginning in our cyber security legislation. we have to bake in civil liberty

concerns from the get-go. when we set up the sharing, particularly from the private sector back to the government, we want to make sure that the -- irrelevant personalable information is stripped out before citizen to the government. we want to see that happen. we want to make sure there are appropriate use limitations on information that is shared with the government. meaning that the government can only use information shared through cyber security channels for cyber security purposes. those are the kinds of protections we want to bake into the legislation and make sure they are a part of how we set up the information sharing routines. >> when you hear about the plan, the types of the information that the government is interested in seeing is not customer information.

>> it's not. >> take a look at the mandate report. go to the report and download it, you will not find a shved of personal information in that report. intrudersways to find on the network. there's no personal identifiable information on that. no one in the private sector wants to provide it, no one in the government wants to get it or provide it back. >> let's go back to the n.s.a. for a second. >> are you sure we have to go back? >> yes, we do. what lessons do you think -- what lessons have you observed? you were in the air force and security network systems and the private sector. what lessons are we learning from the n.s.a. disclosures? is there maybes a higher tolerance of sharing of personal

information and listening in on people than perhaps we thought? the polls are showing a split. second, what went wrong from a security standpoint at a national security agency that this information got snout > the take away i have is if more and more comes out it is confirming what people like myself and others have said is that, the united states targets, what we consider legitimate sources for information. meaning, foreign military, foreign government, foreign intelligence services. we do not hack into other people's networks to steal information for economic gain. i have never worked anywhere that has received stolen information obtained by u.s. government hackers. that is not something that

happens in our country. when you hear the chinese say you do it too, that is not true at all. if the chinese or russians had constrained our activity to u.s. government, u.s. military, u.s. intel community, state department, whatever, that is acceptable. that is what governments do to each other. >> we don't hack telecom company that we suspect of security breaches around the world. we don't hack the big national military maker? >> no one has said they are doing this. i can't speak to any sort of ongoing operations like that. but it is a state policy of the government and like-minded governments that you don't do that sort of thing. some people say do that. but that's not the way the

united states conducts operations. >> what happened at the n.s.a., how this stuff got out? what do you think happened? >> i don't know. i was coached not to speculate. i'm not going to speculate on this one. [laughter] i would say it does illustrate that insiders can be devastating nd by far, one well placed insider can be very devastating. >> we're going to go to questions in just a second. i want to address one more issue before we do. you can send quones your ipad or raise your hand. one more question is this about hacking back. my company should be allowed to hack back to retrieve stolen information or prevent exploitation. this is in the news this discussion has gotten going. my company should be allowed to hack back.

32% agree with that. 58% disagree. should companies be allowed to hack back? get their stuff, maybe freeze up someone's computer that they find their data on? >> it is my professional opinion the level of effort to do that in a responsible way and to get a decent return is too high. you're not going to -- you're going to counter more troubles doing that than you would if you just focused on defending your network. >> what is your troubles? it feels good. >> i will not deny the number one question when guy to any sort of company and they say what do we do? i want to go get these guys. who are they? everyone has that emotional response. we try to take them off the ledge and say it is not worth it. it make for a good buzzword. it is what we have government for. it is what we have law

enforcement for. >> it is illegal now. you're not supposed to do it. >> most people say it is legal. it's the law. >> among those people consider it illegal. >> there are companies that have reports based on them hacking into other countries and publishing their results. >> other countries have different rules. we say the costs are too high. what do you mean by that? >> whenever i have talked about this and wondered about this general councils say they don't want to expose ourselves to have allegations that company x is attacking and it is seen as too duress. >> something that the administration is thinking about from a law change standpoint to allow maybe more black ops? >> no. what we are talking about is, do we need to look at liability protection for companies taking ction on their own networks?

for example, if you block legitimate traffic because it is coming from a compromised host provider someplace and you might need to be protected from that. that is taking actions ins a defensive capacity on your own network. thisare very much, sort of idea that sort of hacking back into other people's networks is going to produce worse results -- the unintended consequence will be far worse than what is achieved. granted the satisfaction of hitting back, i understand. i don't think that is a productive space to be in. it is one of the things we talk a as normal behavior in cyber space. we don't want to turn cyber space into the wild west anymore than it already is. >> the comparison has been made

or the description has been made that you shut down a serve their was serving the person who was doing the hacking but that server was also serving the hospital next door. we'll take questions now. i will go the ipad unless there is one -- right here. yes? >> very imimpressive results on the one-hour response team. when you got to your ideal state and assume infiltration had taken place, were you able to identify what was taken? >> maybe not right away. but you do bring up a key point that i need to mention. tellne hour was if i could my boss i know everything about this case.

in other words, i know how they got in, i know who is infected and by shutting this down i'm not losing any sorts of intelligence. there were case where is someone broke in and i looked at it and i can't tell how these guys got in. we better not shut this off because if i do i'm going lose the only source i have on how these guys got into the network. i would go to my boss and ask for an exception. luckily that happened less and less as we got better and better visibility around the network. sometimes figuring out what they stole took a lot of engineering. for example, we saw them begin encrypted a, it is but now i have to have one of my anyone js figure out how to break the encryption. he disappears for two weeks and says here's what they took.

as you get better, by the way, they get better. they start to bring in their -- they replace the c-team with the b-team and then bring in the a-team. we've seen it escalate over the course of the years. >> that bring raises another point too. if you look at what verizon does and other companies, north of 90% of instrutions rely on known fixabilities vulnerabilities. that means we know about them, we know how to fix them but the bad guys are still getting in. we could plug more holes, then -- that's why the adversaries d-teams.he their c and f we force them to use their a-teams they have less of them and that would slow them down. >> there's a question, nobody has mentioned the critical role

at employees have to play in combating cyber attacks. raising employee's awareness is one of the most important responsibilities for c.f.o.'s. do you agree? >> i do. in a small company, 400 people, one of my better sources is my employees. they show me things that we haven't seen. i agree with that. making sure that you do security training that is interesting and has measurable results. i have friends that founded a company and they conduct fishing tests. they will fish your entire company and test you then you can ratchet it up. physical you send -- if you can send out something that says you says t a $200 bonus or it

you're health care are going to be cut they will click on that. it is a good exercise to teach people and learn what they are susceptible to. >> any question over here? ok, another one that was sent in. how effective are the top 20 -- critical securities put forward and adopted by the department of homeland security. >> there's a group called sans, i won't tell you what it used to stand for. they are considered one of the premier security training companies throughout. control is a misnomer because some of their controls is a response program. that is a huge effort but it does rp the consensus around

what is needed in a program. i would be surprised if it doesn't end up in the framework that we heard a couple of minutes ago. >> i agree with that. a lot of it is straight forward stuff. >> we were talking the other evening and it's a it can company that makes disk drives. a disproportionate number of problems that result on their network are still from the employee clicking on the attachment. the dominate reason they have are intrusions then have to do cleaning up afterward. is that one instance where the employee clicks on the --

there's 85,000 employees. is that still the case across industries that fundamental, called internet hygiene problem. is that still the problem why companies are spending millions of dollars for mitigation? for an k it is hard employee to resist. e've seen a trusted vendor was compromised. the hacker used that trusted vendor in your language of choice, they are signed from a certificate. it is that person sending you the e-mail. you receive it about a conversation that you've been having and it has the purchase order you're expecting. when that happens you're going to be in trouble. now, companies have gotten better at this and over the years we have seen that success

rate go down. i would estimate around 2/3 of the ork we do is caused by fishing network. they are attacking webs or applications more or they are using u.s.b. drives and that sort of thing. i used to joke with our chief physical officer, i used to say that my job will be done when it is your problem. the best thing is to hire a rogue employee. they are hiring interns who are placed there to steal information. >> the situation with the dow jones too. another question? can i sort of a last one, michael. the executive order some of legislation that con continues

may be introduced by one chamber or the other. when will we see some completion? what is the time frame? >> i have learned never to speculate on what congress may or may not do. i've been in congress too long for that. i would be very surprised if we aw anything before the fall. i think most optimistically that we think the senate would be able to act on some of the legislation before the august recess then we could have a shot at conference sometimes in the fall time frame. that would be the most optimistic schedule for them to be on. >> ok. anything else? in which case, thank you very much for your time. >> also from the conference,

former federal reserve chairman alan greenspan. his is about half an hour. >> i wanted to make sure somebody was out there. >> they are out there. we have half an hour. a lot of ground cover. i would like to talk to you about the present, the past, and the future in 30 minutes. talking about how you size up the economy today, how we got into such a bad place in 2008, and what economic policy makers need to do next. i would like to start talking about the present. how do you assess the global economy and the u.s. economy, and the extent to which there is any momentum or possibility for faster growth?

>> basically, i would describe both the united states and the rest of the world as being in a sluggish environment where effective demand, if we can use that old-fashioned term, is inadequate to galvanize the system in the growth. yet there is not enough downside weakness to create any significant short-term changes that i can see. there are very huge imbalances out there. what i find startling is there are so many things -- which nothing is happening. for example, the european central bank had this huge trillion-euro rise a couple years ago of the assets in their balance sheet.

then it came down a little bit. and for the last several months it has been absolutely flat. in other words, the extent to hich nothing is happening. it is just not credible with the huge amount of assets in central been spelling seats -- central bank balance sheets. there is very little of that spilling over into the marketplace. as a consequence, money supply, for example, is growing very modestly. but the overall issue here is why. why is it a situation in which the central banks have essentially blown up their balance sheet and there is no inflation? the fact of the matter is that all the reserve balances created

as double entry bookkeeping against the fed assets and ecb assets, they are essentially mmobile. you will have a large depositor, for example, the federal reserve bank of new york, 25 basis points. emember, there are $2 trillion out there. the interesting issue is the fact that they are not lending except in a very slow pace. the reason, essentially, is they are holding this big block of short-term assets which central banks are forcing into the depository institutions'hands. in the united states, 25 basis points on those reserves. there is no risk.

they are holding sovereign assets, basically. and the question is, why aren't they lending? they are not lending. look at commercial and industrial loans. they are just barely back. not even back to what they were. >> the federal reserve has these quantitative easing policies, expanding the balance sheets. the ecb, the bank of england -- you sound pretty skeptical. like you do not think these policies are doing much good. >> they do several things. obviously if you are expanding the central bank balance, the anticipation of what might happen in the future. it is to affect exchange rates very quickly. but it is not affecting inflation. the reason is not affecting inflation is that you need to get these reserve balances re-lent. you need jpmorgan, for example,

the re-land its reserve balances at the new york fed to ibm or general motors or somebody of that nature. that puts in the play real money. it is only one that happens that what central banks do to create -- creates activity. as far as i can see, at this particular stage if i am sitting here with these huge numbers but very little of it is leaking out of the system, it just as well can be zero. so the critical question is, we have never had a situation historically when so-called reserve money, central-bank money, has gone up to this extent. it has never happened to this extent. even a bloated balance sheet in the old terms would invariably

create some inflation. mainly because reserves would be re-lent. they are not being re-lent now. >> the fed is meeting tomorrow. central banks have these policies, including the bank of japan, entertaining the idea of how far to push them. the big question in markets now is when did the central banks -- when do the central banks start pulling this back? when should the central bank start pulling back these bond buying policies that are creating all these reserves? >> they have a problem that i think we saw in the united states a week or so ago. the first rumor that there was going to be a tapering off of the rate of increase, markets reacted very negatively. bond market specifically. which raises a very interesting question. what happens when a urnaround? it is obviously a major economic

implication, but also significant political mplications. from my experience, as soon as the fed or the ecb turns around, the bank of japan turns around, there is very negative reaction. now, central bankers are tough. we get beat upon consistently and after a while you brush it off. but this is going to be very interesting to see what happens. as a very interested observer, i cannot really forecast how it is going to come out. i know what has to happen. what has to happen is eventually these reserves begin to leak into the system. and it shows up in a number of different ways. but the major way is that it begins to put pressure on

prices. but con currently we have got such an extraordinaryly depressed local market in the united states, for example. average production -- average hourly wages are going up 2% a year and that is not much different from the rest of the economy and that is unprecedented. >> you made popular irrational gibberish. do you see any signs that central bank policy is creating excitement tional that can unstable the medical examiners? >> the thing about the stock markets is they that they are stabilizing. if you look back, for example, since the end of world war ii, the average annual increase in a ndard poors 500 index is

7%. e over what is you see, in a period like this when we have really t moved the stock market through 2007 peaks. you're sitting here with six years no change, multiple that by seven and you get a large change. even at the height of the crash in 2008, which was as a big of a stress test that you can get. stock prices were still in the iddle of the dot com boom. there's a ratcheting up with yards that goes on. where price a state

ratios of income, price ratios ly high. le are extreme so-called equity in the marketplace, the price that equities markets require to fund tocks is fairly close to the peak when it was a 50-year high. there's also suppression. we've got measures, for example, of the level of business confidence, which is my favorite measure, which is the measure of fixed capital investment, which corporations -- i usually eliminate financial corporations. non-financial corporations a ratio of their desire to invest in liquid and fixed assets with

heir liquid cash flow. the cash flow number a year or two ago was at all level that we had not reached -- going down i should say since 1938. we improved a little bit, uncertainty is still there. is basically says to me, the upside momentum in stock price r the stability momentum delivers the extent they can go down. now, once you've got that, because i also think the evidence does suggest that we significantly underestimate the prices of homeses and a variety of other things, which people do

measure in these economic models. but in general, the prices have a very potent affect on economic activity. if they are progressively moving upwards it means that you're getting an equity stimulus of not in significant proportions. that is the level we are. but the overhang of uncertainty is still horrendous. most importantly, it's in the use where assets are total of life or longer. if you break down the g.d.p. and erode it how and much is going produced is going to last. a hair cut is one month, in my ase it's longer.

equipment triple that. then you get into the air of structures. they are all way over 20 years, the average life expectcy and that is where the united states economy is way short. > it seems like there is optimism there. i want to go back, you mentioned the crash in 2008. i want to talk to you about the fed and the role that the fed played in that. there's been two critiques that have been thrown at the fed eading up to the crisis. one is that it left interest rates too low for too long. the other is that it failed to at quitly supervise the banks. what do you say to those

criticisms? >> my first question is what is the evidence? >> let me tell you what is the evidence of observing the it isenon from the inside a result of the extent of , traordinary bank practices which created derivatives of all sorts and huge liquidity in those markets. alk a euphoria and issues of irrational exzumebrans. the problem was one of those things that the central bank would see all the time, beware of good news, it is always to your disadvantage. as you go back and ask where did

this boom and bust come from? you go back to the end of the cold war. when the cold war ended, the economic loom behind the iron curb today was so devastating huge move ted that a occurred in so-called developing from essentially into the economies. it was estimated that the number increased in the total number of e world labor force, which moved into competitive markets rom restricted markets was upwards of half a billion. it is an sbrured increase,

essentially for the developing world. the result was because there was a cause of prudence mainly in the developing world, the huge amount of income, all of a sudden these economies opened up. china replicated the model of the so-called asian tigers. you had india deregulating. you had a whole series of countries moving towards competitive markets and the esults was dramatic. the g.d.p. was very high, in fact, the growth rate for a period of time after the fall of the berlin wall was a growth te in the dwoving --

developing world of twice that. >> should the fed seen and manage the capital? >> they did see it but it is unmanageable because it is a global phenomenon. what was happening globally was the excess of savings that got created in the developing world because they didn't spend them spilled over into the savings eninvestment markets and pressed long-term interest rates down ery significantly. so what we had was a very dramatic decline in long-term interest rates and just as interesting, they all converged to single digits. now, central banks can create overnight money and the like but when you're fighting that sort of phenomenon in the loan end of

the market, any individual bank is really not capability of doing very much. we could have tightened monetary policy very significantly broke the back that was emerging. as long-term interest rates came down, asset prices took off. to be sure home prices rose significantly in the united states but we were -- it picked up e] about 20 countries. we were in the middle. ratio in is capex real estate went down significantly. you've got the whole asset structure and the price up very

significantly. i know everyone thinks the central banks are all powerleful. let me tell you, we ain't. you could press against it all you want, no single central bank and i suspect even several banks acting in concert wouldnd have been able to do very much there to prevent that from occurring. now, the second issue is an issue essentially of regulation. my own view, and i thought this for a long period of time, there was nothing that happened during 2004, 2005,eriod of would 07, 2008, that cause a problem if there was capital.

banks had 20%-30% capital and still had a decent return. the return on assets was higher than it is now. , you can'tf issue is tell which assets you're holding on the books of a bank that are going to turn toxic or turn bad. if you can't, what you really need is what we call genetic reserves. there was a big debate with the f.c.c. on whether or not the banks could have a genetic reserve without specifying individual accounts. because you couldn't tell if this is going to blow up. that's the general problem with this whole issue we don't know what to regulate.

regulation requires a -- i should say anticipating which assets are going bad requires a forecast. the demand for sub prime mortgages or sub prime securities was overwhelming because people thought the rates they were selling at because they were sub prime was a steal. ll, the end result was probably predictable. but the point is, we didn't know very much about that because we didn't get data on the extent to subh sub prime borrowing or prime expansion was going on to the extent it was until way after the fact. >> right. we were in ember, small part. ly a

i'm not going to say we did a better jonathan anybody else, we didn't. >> i want to open it up to the audience and give the people here to get a chance to ask a question or two. john has been getting questions on the ipad. >> nothing on the ipad. questions from the audience? >> while people think through aeir questions i want to talk your book, you're working on a book that is coming out in october. can you talk a what you learned about human nature in this book and how it came about? there is no

r rans. al exzume pe i always thought while human beings were periodically irrationally in a large part we aren't. most importantly, the aspect of hence eings is unforecastable is the only way to describe it. hat's a view which classical economists hold. i think what the 2008 crisis told us to be sure there's a substantial part of human nature, which can scarely be called rational. but it is capability of modeling because it is systematic. i mention to you inside -- >> people are system atly

irrational? >> you bet. for example, no human being cannot respond to fear and pull back. they may react all differently o it but we all cannot but react from some threat to life or net worth as -- that will give us headaches. i remember in october 19, 1987, we had this extraordinaryly one-day crash. towards r telling me the end of the day when the market was all the way down. it went down -- was it 502 points or something like that. they were saying to me we know the prices are too low now but we had to sell because the hysical pain was overwhelming.

you get human responses to what going on and the point here that is necessary to realize is to fear causes people reagent. react. it builds up with your behavior other human behaviors that are examined. advances and speculative markets are always much slower than the down side and it happens all the time. > so you described yourself as a behavioral economists?

>> i wouldn't go all the way to that side because the behavioral economists don't have a model. ere's a lot of human judgments. >> alan greenspan of 2013 has a different view than alan greenspan of 2003 on how human behavior affects -- >> absolutely. there's significant change of view when i look at the data. i remember, back in 2006, 2007, there was a general awareness that started to be events, which -- not supposed to happen once in 1,000 year event happens within three days. that tells you the shape of the distribution is especially not,

as we say in mathematics normal. but essentially, it had a large tail risk associated with it and it went out like that. we never experienced that before. we didn't until 2008 and when we fat tail it was down right obese. .

we are out of time but i wanted to get to this question. ut a big question so we'll have to ask you to summarize it. how important is the structure. but there seements to be huge resist tons changing the structure to allow for more efficiency? >> it depends on the alternative. almost all central banks are individuals in the sense that

you've got diverse views from people around the country sitting in the seats of federal open market committee and even though legally the federal reserve board could fire any director or officer of a reserve bank without cause, we never did that because it was so obvious that the value of having a regional view by the individual people coming from different parts of the country gave you a sense of what our country is all about which i don't think we would have gotten if we had a single

central bank as a number of people back in 1913 were advocating. it turned out to be a major compromise and the compromising turned out to be helpful. >> i think we've learned a little bit of optimism about the present stock markets look fairly valued and gotten perspective on the past. please everyone join me in thanking -- [applause] . >> now a discussion on u.s. energy production and supply with deputy energy secretary and author. this is just under half an hour. >> so we've already heard it

refered to today the great shale oil and gas revolution in the yilets and this has been kind of come into the sensibility of people over the last two or three years that this is a really big thing. we've watched imports tail off and flairing in the back and north dakota grow so great it can be seen from space. i wonder could you give us kind of a one minute lay of the land wrfment are we in this energy creation? >> it's extraordinary from five years ago since we were all going to run out of i'll five years ago. oil production is up 46%. the increase in production is equivalent to the entire out put of nigeria. we've gone from preparing to spend $100 billion a year

importing to becoming an exporting. i think the point you made is a particularly significant one. i think it's only in the last 15 months or so that people focused on the overall implications of this 1.7 million jobs making the united states much more competitive in the world economy. in europe companies and there is really kind of an anxious now t about how much more competitive the united states is going to be. and you hear that in asia. what could be done to facilitate this and support this revolution in the u.s. in kind of all the ways. not just from a revolution standpoint but from a

distribution standpoint. >> what we are witnessing today in terms of shale gas is we by $137 million understand fact it was that beginning. one role for the department of energy is for technologies. you can think about methane as perhaps the next shale revolution. >> we'll talk about this in a second. >> the very interesting experiment that have been done,

very modest investment so far. we had a joint effort with japan and the department of energy drilling coarse in alaska and the trick there is to liberate methane ice form from the kris line structure in which it is found without collapsing the reservoir. it is going to take a lot of work but that could be a big source of gas in years to come. we are always looking at the next trend. i do want to come back to the first because i don't mean to suggest we're out of the picture. now the critical issue i think from a u.s. government perspective is to take the opportunity that sheal gas presents and make sure that we protect it. you may have seen the secretary of energy report that you are more than familiar with that said look this is an energy source but we've got to get the

fugitive methane emissions looked at. we have to look at fracking and their contents. >> emission of natural gas along the pipeline that could be polluting worse than cole. >> could be but we don't have good data on the baseline. >> we've got to get the technology right, the safety right, the completion of the wells right so there is no leaking and we have to do all of this to preserve public confidence that this tremendous resource can be developed safely and responsibly. >> let's go to our first audience response because i'd like to see how this is being perceived as affecting business. >> it is having the following affect on my company's profitability, positive, no notable effects, negative? >> i know for some people here it's having a very positive

effect. >> you're playing my song. everybody vote? 31 positive. 61% no notable effect. 2% negative. >> why are you surprised? >> i would have flipped it and said 2/3 positive. >> is it too soon? >> people may not have recognized -- this has been the notable bright spot in the economy over the last several years so it's impacted in a whole host of other ways, not necessarily for people who are energy intensive. >> people don't know it's affecting them. >> yeah. >> let's go to the next

question. exporting u.s. gas caused pressure on gas prices, the u.s. should nonetheless permit exports of u.s. gas to the degree the market will bear. assure low prices in the u.s. or not permit gas to be exported? >> this has been a big debate. companies like dow chemical have said you have to put the reign reigns on exporting gas. it's going to increase an opportunity we've been handed. >> this is one question dan won't be voting on. >> so 67% say permit exports of us to the degree the market will bear. 25% say limit it. >> let me add a footnote to that which is i think the change in our gas market is it

was supply constraint for many years. now it's demand constrained. the numbers are so large this is yust one thing that will be done with this additional gas supply. >> walk us through the department of energy's thinking on this. >> our thinking is guided by statute. and the natural gas act provides that in the case of a country with which we do not have a free trade agreement because most people that have a free trade agreement with the yilets approve of a license automatic. for the others they have to make a public interest determination that proving export would not be inconsist nlt with our national interest. wand cite i can't developed back in 1984. the criteria are still

applicable. we looked at everything from employment and we take environmental considerations under consideration and so on. and we did a couple of studies a couple of years ago. we could see we had to take into account the cumulative effect of all the possible exports being approved. we did a couple of studies which would go into whatever but the net of the studies and the one more sophisticated was that actually net economic benefit to the united states was higher across all scenarios of natural gas exports and the higher the exporlts the higher the benefit. we did not espouse that study

but we put it out for public comment and got 200,000 comments. that is what led to us have the confidence to make the conclusion in the second case a few weeks ago that we could approve that license application. >> that's the first of many. >> there are several more in the queue. >> dow chemicals argument and admits it own self-interest. it's plants do more. is that look eventually it will drive up prices because department of energy is not calculating in all of the manufacturing that is coming back to the u.s. or be initiated in the u.s. because of low gas prices. we're going to get caught out and that is going to make us less competitive. >> do you buy that argument.

>> people were drilling and losing money. it balanced out. >> it stopped drilling. >> they stop and prices will go down again. >> what is now being seen is there is kind of a window here. the u.s. is not the only player here. they are talking about five fassniss british columbia.

>> talk about the gee politics a u.s. energy exporter is kind of hard to fathom. >> i'm happy to do that. i was talking backstage and one thing i remember from economics is supply and demand. if we have this out pouring of natural gas according to this so-called study, if under many scenarios it won't get exported. only

>> what is going to happen when u.s. exports get out on the market. they are not going to bottle up the gas they have spent billions of dollars to prepare. this is a self-mechanism to this that is likely to kick in. we saw it happened at the very time i was visiting to see what was going on there. at that point natural gas prices got down to two dollars or less. you can't run the rigs and those companies that weren't hedged were in trouble. so you saw 1500 rigs or so move up off the dry gas and go to the wet gas. they pick up the methane and the dry gas at the same time. i think we have to take a holistic vufmente on the gee politics. ed the a traps formation al effect. the energy security, just take one region of the world. the energy security.

people have run a cottage industry for years. and there is serious concern about the ability of a major gas splire to have influence over plilts which now is less russia for example. and now you have not only the possibility of exports from the u.s. and they are interested in europe in our exports but they are beginning to develop their sheal gas resources which goes back to the point they have to be just as careful as we in making sure they get the science right and the politics right. they are bhiped the eight ball and they now have a moratorium in place. >> we've talked about gas.

we're pumping a lot of oil into a global market that causes prices to change around the world and that results in pressures perhaps on a place like iran being greater than we might have been able to achieve had we been drinking up some of that oil. is that happening? >> oil prices, they are not low. let's be clear about that. i think without this additional production they would be a good deal higher particularly since we squeezed out over a million barrels a day. >> i've never seen this level of success and i've been

>> they are losing $3 to $5 billion a month. it various month to month. it has lost half of its value point two. it's essential we keep the pressure on them. just one more point to bring it back to this panel. as dan suggested but for our own increases of production 800,000 bar relts a day just since last year going up another 800,000 barrels a day. greater production from iraq

which we have been working with them to make sure those oil fields recover and bring more to market and frankly the continued support of our suppliers in the gulf, in particular the saudis. that has given us the head room in the market to be able to impose that kind of economic pressure on iran without seing the kind of oil spike we saw in 2008 which could jeopardize world growth. >> let's go to our third question because there is environmental impact here as well. among the nation's top energy prirltety should be fully exploiting it's reserves of sheal oil and gas, transitions to wind solar and hydroas soon as possible, work with other nations to address global climate change concerns? so the nation's top energy

priorityty? >> can't be all three? >> can't. >> i know my answer. >> people have probably made up their minds. >> let me ask you: sheal gas was seen as this panacea. half of the carbon foot prints, 54% totally exploit shale gas. 20% transition to clean forms. so a very heavy environmental focus among our c.f.o.'s heemplet more than half say the priorityty should be on exporting the reserves. shale gas was seen as this panacea because it has half the

carbon footprint of coal. they say we're not sure this is playing out the way that we thought. there is as you refer to the methane emissions, want to study it more and understand the scope of that. that's the worst kind of pollution going out straight into the atmosphere and worst from the environmental standpoint, what they saw is a bridge to renewables. shale gat is good for the next few years. now it looks like it's subplanting renewables. do you see that as a -- >> i think on this methane issue. it's out there. it's an emotional issue. i have to say that some of the work that's been done uses numbers we've generated and that's been quite distorted. as dan says we need the actual measurements of it. what has happened is it's become the default fuel in

electric generation. our levels are down to where they were in 1982 and what is striking about that is our economy is 50% bigger so this is having a positive environmental impact. it's competitive and changed the competitive landscape in every source of the marketplace. renewables are driven by the mandates that exist for california says it has to be 2022 1/3 renewables in electric generation. so that is going to continue. renewables cost have come down. >> i'll just add i would call that a false tri cotmy. we believe in that strategy and just to take one particular point, it is a transition. natural gas is transition fuel. it's got half the green house

emissions of coal, of high generation in particular. but at the same time, gas fired plants are critical to the integration to the grid. because obviously when the swipped not blowing and sun isn't shining you need something to pick up the load so your whole system doesn't crash. they don't like to be spun up and spun down. gas does. so you have to think of a relationship between combined gas plants and some of these intermittent sources of power generation such as wind and solar. >> i had a lot of questions in the audience. anybody want to raise their hand? >> i think [inaudible] . stpwhri don't think they are mutely exclusive. we have a big complex economy.

>> in construction of smaller nuclear power plants in the united states, i like the river surjents but i think that would not be the word i would use. i believe that the small mod due lar reactor prospect is probably the most exciting prospect in power generation. we're very pleased that for the first time in 30 years we're building four light water reactors in south carolina and jornl george but we have put programs together to get licensed new designs of small water reactors. they have advantages in terms of a different business case instead of complex plants that take a long time to build. requirements are much smaller and they don't need such a large group to accommodate the load.

they have waste management benefits and there is a lot of interest all around the world. this is a place where the united states can still be first. >> can you talk about ethanol mandates disconnect from realities and the general overregulation of the energy sector. how is it impacted by the e.p.a.? >> at this point we are watching the mandates, watching the effect, watching in terms of what we're doing it's not affecting our day-to-day business. we continue more broadly to be investing significantly in buy fuels and looking at next generation and so forth. but in terms of day-to-day market impact of the ethanol e quation and going from ten to 15 it's not taking up a lot of our time. >> if we round back to when we were going to run out of oil five or six years ago, that

generation ethanol, i think the people who have been working on it are finding out it's a much harder process to achieve than it looked like around 2006. >> and the challenge has been one of scaling up. it's getting to the barrel full. i was out at our laboratory and there is exiletting work being done at the level of one on the right tors but the life cycle cost of making something like that competitive is challenging. there was a lot of exciting work continuing. i just got back from brazil. there are a lot of interesting aviation buy fuels as well. >> this is from hugh johnson. what did you see when you predibblingted energy independence? and what surprises do you see up coming in energy that the

markets don't yet understand? >> that's a heavy responsibility you've given me. i think that what i saw was going back to my book. this was the fifth time the world ran out of oil and each time what made the difference in new technologies and new areas opening up. there was a kind of end of technology point of view. and it did not make sense to me that that was why technology would be over the incentive and the invasion needs were so great. and that's why i was skeptical, we were skeptical and i thought the world would surprise. i think question out there is the degree to which this does or doesn't go global. how much north american development because of our ecosystem and people own

mineral rights, because decisions get made quickly. that is one question. then i'm sure it's what are the technology frontier that is dan eluded to them a little bit but electricity storage, where are the other areas we're going to see the next wave of invasion. certainly in the energy business as others we've seen a globalization. not just in america. >> where does this leave the green energy movement? and i wonder if you could both talk a little bit about emissions? we've come a long way. we've improved emissions in this country through conservation, through gases. we're hitting some old goals. and if that's the case what should the next round of goals be? what should the object tives be for emissions control? >> we've made quite good progress toward the 17% goal by

2020 that we had set. we still have a fair stretch to go to get to that goal. and the distance we've traveled, a lot comes from fuel switching and moving toward natural gas.,

--se do help us drivers help drive us into lower emissions. >> we are twice as efficient that we were two decades ago. it's a reasonable goal to double energy efficiency again. >> over what time? >> two or three decades. that's a huge thing to do and we have a lot of momentum. a renewable energy conference year with the eu commissioners, the secretary of energy, he was so much outuld get of conservation but there's just one problem. there is no red ribbon to cut. there's no great photo op. not captureat does the imagination the same way. if we had not doubled our energy efficiency, we would be in a much more challenging situation and those

environmental objectives would be much more harder to achieve. >> thank you very much. >> next on c-span, president comey asinates james fbi director then mitch mcconnell talks about free speech under the obama administration. later, a discussion on nsa data collection and privacy laws. tomorrow on "washington journal ," the federal reserve's plan for stimulus programs with anthony sanders of george mason. tolowed by issues important younger americans including student loan interest rates and youth unemployment. we are joined by matthew segal. they use a photo database of almost 120 million people to and we willpects

talk to the national reporter. washington journal live at 7:00 a.m. eastern on c-span. >> this is a challenging time for people who are conservative. we have a quite liberal democratic president who has not only been elected but reelected after putting in place some ideas and programs and projects that, i think, are very wrongheaded. they had a chance to think about that and they reelected him. it's a challenging time. .t's also an exciting time what we're trying to do is modernize conservativism and and bring it in line with what the country is facing now to help the country and conservatives think about how to confront the challenges of the 21st century. neither party is doing a very good job of that.

there's a lot of opportunity to think about what america and the 21st-century needs to change to change about the way it governs itself to get back to economic growth, prosperity, a kind of cultural revival that we need. it's challenging, but it's exciting. >> more with national affairs levin sunday at 8:00 on c-span's "q and a." deputycomey served as attorney general in the bush administration. whitehe bush -- from the house, this is just over 10 minutes. [captions copyright national cable satellite corp. 2013] [captioning performed by national captioning institute] >> ladies and gentlemen, the president of the united states, accompanied by mr. bob mueller and mr. jim comey.

>> good afternoon, everybody. please have a seat. for more than a century, we have counted on the dedicated men and women of the fbi to keep us safe. in that time, the fbi has been led by six directors and the second longest serving director of the fbi, for the last 12 years, an exemplary public servant, bob mueller. by law fbi directors only serve for 10 years, but back in 2011, when bob's term was up, i asked congress to give him two more years. it was not a request i made lightly, and i know congress did not grant it lightly, but at the time transitions were underway at the cia and the pentagon, and given the threats facing our

nation, it was critical to have bob's strong leadership at the bureau. 12 years is a long time to do anything. and i guarantee you that bob's wife agrees. in addition to asking congress, we need approval from ann as well. today, as bob prepares to complete his service, this is a wonderful opportunity for all of us as a nation to say thank you to bob and ann, but also gives me a chance to announce my next choice for the fbi director, jim comey. every day their staff devotes their lives to keep us secure, from the streets of our cities to the battlefield of afghanistan.

they embody the core principles of fidelity, bravery, and integrity. bob mueller has embodied those values through decades of public service and lived them every day as fbi director during an extraordinary time in our nation's history. bob, some of you will recall, was sworn in just days before 9/11. bob not only played a key role in her response to those attacks, he began one of the biggest transformations of the fbi in history to make sure that nothing like that ever happens again. like the marine that he has always been, bob never took his eyes off his mission. under his watch, the fbi joined

forces with our intelligence, military, and homeland security professionals to break up al qaeda's cells and their plots. i will say it as clearly as i can, many americans are alive today and our country is more secure because of the fbi's outstanding work under the leadership of bob mueller. bob and the fbi had been tireless against a whole range of challenges, from preventing violent crime and reducing gang activity, including along our border, to cracking down on white-collar criminals. today, there are many in the fbi who have never known the bureau without bob at the helm, and like us, they have admired his tenacity, his calm under pressure, devotion to our security, and his fidelity to the values that make us who we are. it is a trademark attributed to his humility that most of you would not recognize him on the street, but all of us are better because of his service. bob, i cannot tell you how grateful i am to you for your service. i know everyone here knows you will be remembered as one of the finest directors in the history of the fbi and one of the most admired public servants of our time.

personally, not only has it been a pleasure to work with bob, but i know very few people in public life who have shown more integrity more consistently, under more pressure than bob mueller. [applause] i think bob will agree when i say we have the perfect person to carry on this work in jim comey, a man who stands very tall for justice and the rule of law. i was saying while we were taking pictures with his gorgeous family here that they are all what michelle calls normalites. the grandson of a patrolman who

worked his way up to leave the yonkers police department, he has law enforcement in his blood. he helped bring down the gambino crime family, as a federal prosecutor in virginia he led an aggressive effort to combat gun violence reduce homicide rates and save lives, and he has been relentless, whether standing up for consumers against corporate fraud or bringing terrorists to justice. and as deputy attorney general he helped lead the justice department with skill and wisdom meeting threats we know about and staying perpetually prepared for the ones that can emerge suddenly. so jim is exceptionally qualified to handle the full range of challenges a spy

today's fbi, from threats like violence and organized crime to protecting civil rights and children from exploitation, to meeting transnational challenges like terrorism and cyber threats. just as important as jim's experience is his character. he has talked about how he and his brother nearly lost their lives. they were at home when an intruder held them at gunpoint. he understands deeply in his core the anguish of victims of crime, what they go through, and he has made it his life's work to spare others that pain. to know jim is to know his independence and his deep integrity. like bob, who has been in washington for some time, he does not care for politics, he only cares about getting the job done. in key moments he joined bob in standing up for what he believed was right and was prepared to give up the job he loved rather than -- as jim has said, we know the rule of law sets this nation apart and -- its foundation. jim understands at a time of crisis we are not just solely by

how many plots we bring to justice, we are judged by our -- this work of striking a balance with security, but also making sure we are maintaining fidelity to those values that we cherish is a constant mission. that is who we are. and it is in large part because of my confidence, not only in his experience and his skill, but his integrity that i am confident that jim will be a leader who understands how to keep america safe and stay true to our founding ideals no matter what the future may bring. so to bob and ann, thank you for your service. i want to thank jim, his wife, patrice, and his family who are here -- maureen, katherine, brian, claire, and abby -- as he takes on this important role. he could not do this without you

and he is extraordinarily proud of all of you, and i can see why. this is a 10-year assignment. i make this nomination confident that long after i left office our security will be in good hands with servants like jim comey, and so i urge as usual for the senate to act promptly with hearings and to confirm our next fbi director right away. i would like now to give both of them a chance to say a few words, starting with bob. >> let me start by thanking you for those kind words. i also want to express my gratitude to both president bush and president obama for giving me the honor and a privilege of serving as the fbi director during these last few years. i want to take the opportunity to thank the men and women of the fbi.

it is through their work, dedication, and their adaptability that the fbi is better able to predict and prevent terrorism and crime of here and abroad. i want to thank my wife and my family for the support and their patience over the last 12 years, and i want to commend the president for the choice of jim comey as the next rector of the fbi. i have had the opportunity to work with jim or a number of years in the department of justice, and i have found him to be a man of honesty, dedication, and integrity. his experience, judgment, and strong sense of humility will benefit not only the bureau, but the country as a whole.

again, mr. president, thank you for this opportunity to serve. [applause] >> thank you, mr. president, for this honor and opportunity. i am not sure i have words to describe how excited i am to return to justice and especially to get work again with the people of the fbi. they are men and women who have devoted their lives to serving and protecting others, and i cannot wait to be there colleague yet again. everything i am and have done in my adult life is due to the great good fortune of marrying up. thanks to the long and support and occasional constructive criticism of my beloved troops,

of my amazing wife, patrice and abby, claire, brian, kate, and maureen, i am a much better person than i would have been without you. thank you for that. i must be out of my mind to be following bob mueller. i do not know whether i can fill those shoes, but i know however i do i will be standing truly on the shoulders of a giant, someone who has made a remarkable difference in the life of this country. i can promise you, mr. president and mr. director, i will do my very best to honor and protect that legacy, and i thank you again for this chance to serve. thank you. [applause] >> can we give bob mueller and ann one more round of applause? [applause] >> thank you.

forever"]and stripes >> when you talk about transparency, you're going to be giving signals to our adversaries as to whether capabilities are. the more specific you get about the program, the more specific you get about the oversight, the more specific you get about the capabilities and the success and to that extent, you have people sitting around saying, ok, now i understand what is to be done without numbers in yemen and the united states and i'm going to keep that in my mind. there's a price to be paid for that transparency. where that line is drawn in terms of identifying what our capabilities are is out of our hands.

there's a price to be paid for that transparency. , outgoing fbid director robert mueller makes his last scheduled appearance saturday at 10:00 a.m. eastern saturday at 10:00, the nsa before and after 9/11. and immigration stories. on c-span three, interviews with key house judiciary committee staff investigating whether there were grounds to impeach president nixon. click senate minority leader mitch mcconnell spoke today about free speech and intimidation by government agencies under the obama administration. he answered questions from the audience. from the american enterprise institute, this is 55 minutes. >> good morning, ladies and gentlemen.

the americant of enterprise institute and i'm delighted to welcome you to this address by the senate minority leader, mitch mcconnell. we are going to talk today about free speech. we are to talk today about the role of the government and .deas in this country in 1960, the president of this institution created a new model. it was very simple but very subversive. is competition of ideas fundamental to a free society. when he said that, he had a view that any place where you are working with ideas, you are 12 types of people. either you want to win the competition of ideas or you want to shut down the comfort -- shutdown the the idea -- you are either one of two types of people. you are strengthening the pillars with the competition, but if you want to shut it down,

you are weakening society. that was the view of one of our founders. perhaps it was a premonition that something bad was about to happen and, indeed, the following year it did. year he learned that the internal revenue service was on the side of shutting down the competition of ideas in this country. in 1961, john f. kennedy gave a speech about the discontented voice. the internal revenue service launched the ideological organization audit project. they targeted the american enterprise institute directly. as a direct result of john f. kennedy talking about the corrosive impact of ideological organizations in the war of ideas and they targeted this very institution.

once again, we sue the federal government to the irs has shown that it is shutting down the competition of ideas. we are joined by one of our best friend here at aei. mitch mcconnell is a great friend to us here at aei. it is always an honor for us to welcome him here to share his thoughts and none more so than it is here today. senator mitch mcconnell. [applause] >> good morning. i appreciate you all being here, and i want to thank you arthur. for the terrific leadership you survive here at aei, one of the most indispensable institutions in washington. arthur is a player manager in the think tank world.

he not only steers the ship, he is generating some of the best research. he also has a lot of fans on the hill and it is safe to say he is a model and an inspiration to college dropouts. and disillusioned french one players everywhere. [laughter] last june i said here and warned of a grave and growing threat to the first amendment. that threat has not let up at all. our ability to freely engage in civic life in defense of our beliefs is still under coordinated assault from groups on the left who do not like anyone criticizing them. from the white house that appears determined to shut up anybody who disagrees with it.

on the outside, there is a well documented effort by a number of left-wing groups like media matters who harass and intimidate conservatives with the goal of scaring them off the political playing field and off of the airwaves as well. an internal media matters memo showed the extent to which these tactics have been turned into a science. we learned of the groups plan to conduct oppositional research into the lives of on-air news personalities and other key decision-makers over at fox news. and to coordinate with partner groups to pressure the advertisers and shareholders to by the threat of boycotts, rallies, shame, embarrassment, and other tactics on a variety of issues important to the

progressive agenda. they had to make up a new name after the reagan era because the term liberal is pejorative to most americans these days. it's databases can also use to remove chronically problematic media figures. or to preempt programming altogether. then of course there is the widespread effort to stifle speech from within the government itself. something the obama administration has engaged in from its earliest days. to trace this back even further to the 2008 campaign, when i was

here with you last june, and my central point today is the attack on speech that we've seen over the past several years were never, never limited to a few left-wing pressure groups or even to the disclose up which is been promoted in congress. extend throughout the federal government to places like the fdc, the fcc, the hhs, and as all americans know, even to the irs. these assaults have often been aided and abetted by allies in congress. as for the irs, i have got a phone call from a constituent laster who said he'd been subjected to extensive questioning and unreasonable deadlines from the irs.

when similar complaints followed, i sent a letter to commissioner shulman asking for assurances that there was not any little targeting going on. public office in the irs depended on it. six weeks later i got a response from stephen miller in which he said to move along, nothing to see here. well, we know that was not the case. we now know the irs was actually engaged in the targeted applications of conservatives and others who were criticizing how the government was being run. you get audited for criticizing the government is being run?

overwhelm him with questions and paperwork and in some case initiate audits. in one case in irs agent demanded that the board members of the iowa pro-life group signed a declaration that they would not pick it planned parenthood. and irs agent allegedly demanded that the board members of an iowa pro-life group signed a declaration that they would not picket planned parenthood. several pro-israel groups said they were single out by the irs after clashing with the administer shoot over its policy on settlements. then there is the story of catherine ingle brett. she said after applying for tax exempt status for a voter

integrity group, she and her husband were visited by the fbi, the atf, osha, and an affiliate of the epa. when all is said and done, osha told them that they had $25,000 in fines. the epa demanded they spent $42,000 on new sheds and three years after applying for tax exempt status, they are still awaiting approval. the list of stories like this goes on and on. now we have an administration that is desperately trying to prove that nobody at the top, nobody at the top was involved in any of the stuff. even as they hope that the media loses interest in the scandal and moves on. but we will not move on. as serious as the irs scandal is, what we are dealing with is larger than the actions of one agency, or group of them please, this admin station has institutionalized the practice of picking bureaucrats against the people they should be serving and it should stop. the good news is that more people are beginning to catch

on. when i warned about this last year, i got slammed by the usual suspects on the left, as you can imagine. they said i was full of it. even some of the now realize that just because mcconnell is the one pulling the long, it is not mean there is not a fire. the irs scandal has reminded people of the temptations to abuse big government and its little patrons. people are waking up to a pattern, they are connecting the dots, and they are rightly troubled. looking back, the irs scandal helped explain a lot of the things the minister nation has done. you all are member the president wagging his finger at the

supreme court. the president wagging his finger at the supreme court sitting right there in the house of representatives during the 2010 state of the union. i assure you that this piece of presidential theater was not done for the ratings. he spent so much time and energy denouncing the case, but it's not the reason they gave. i realize this might be shocking to some of the interns in the crowd. the fact is the court decision was actually fairly unremarkable. all it really said was that under the first amendment every corporation in america should be free to participate in the

political process, not just the ones that own television and newspapers. why should a corporation that owns television stations get a card? free speech and everybody else does not. in other words, there should not be that when it comes to clinical speech who own media companies. it was a good and fair decision aimed at leveling the playing field. the real reason, the real reason the left was so concerned about citizens united is that they thought it meant more conservatives would form well for organizations. groups like planned parenthood

and the sierra club, for example are groups like this. what is notable is that they do not have to disclose their donors, they do not have to disclose their donors. that was the main concern of the president and his allies, they were not interested in the integrity of the process. if they were, they would've been just as upset at left-wing groups for remaining private for their donors. they really wanted was a hoax to stir outrage about conservative groups so that they could get their hands on the names of the folks who supported them. as a longtime political observer and first women hop, i knew exactly what the democrats were up to with their complaints about this decision. i have seen what the proponents of disclosure have intended and that past and it is not good government. that is why the donor list has been protected of the socialist worker party since 1979. that is also why the supreme court told the state of alabama that it cannot force of the naacp to disclose its donor list back in 1958.

the president could claim as he did six months after wagging his finger at the supreme court that the only people who do not want to disclose the truth of people with something to hide. he can claim that, but the fact is there is very good and legitimate reason that the court has detected folks from force disclosure. they know that failing to do so subject them to the kind of harassment that we have been seeing here the last three years. the political response to citizens united with the so- called disclose act was not about cleaning up politics, it was about finding a blunt political weapon to be used against anyone group and one group only. conservatives. those who doubt this have not

and paying attention to the tactics of the left. they must not have noticed the stories about top administration officials holding weekly phone calls with groups like media matters. they clearly do not know their history, and they must not have noticed the enemies list of conservative donors on the obama campaign website. or the strategic name dropping of conservative targets by the president's campaign team. these folks were talking about the coke brother so much, you would think they were running for president. but six months after the president rated the supreme court, he called out americans for prosperity by name. it was like sending a memo to the irs that said audit these

guys. all of these things together point to a coordinated effort to stifle speech, and that is why one of the most enduring lessons in the irs scandal comes from the timeline. we now know a team of irs specialist was tasked with isolate and conservatives for scrutiny as early as march of 2010. what happened before this party began is just as important as what happened after the targeting began. what matters is the atmosphere, what matters is the culture of intimidation, the culture of intimidation this resident and his allies created around any person or group that spoke up for conservatism or against the direction the president wanted to take us. the so-called special interest, he said special interest would flood the political process with money that would be coming from foreign entities. the problem he said his nobody knows who is behind these

groups. they were shadowy, they might even be foreign controlled. these were the kind of unsubstantiated claims the president and his allied claim from early 2010 right up and threw the election. they were just as reckless and preposterous as harry sang mitt romney has not paid taxes in 10 years. they might have been wrapped and appealing rhetoric of disclosure, but make no mistake, the goal was to win at any cost. that meant shutting off their opponents in any way they could. i don't believe they picked up

the phone and told someone at the irs to slow up these applications or audit anybody, but the truth is he did not have to. he did not have to do that. the message was clear enough. but if the message was clear the medium was also suited to the cause. and the public-sector unions have made a pact between those who tend to benefit from the growth of government. let us face it, when elected leaders and union bosses tell us that they should view half the american people as being a threat to democracy, it should not surprise any of us that they would look at it that way. why would we even expect a public and fully whose union more or less exist to grow the government to treat someone who

opposes that goal to a fair hearing. when the tea party was public vilified, is it any wonder that members of the union would get caught targeting them? this is something liberals used to worry about. fdr himself was horrified at the idea of look workers conspiring with lawmakers on how to divide up the tax payer pie. the him it was completely incompatible with public service to the public to be cut out of a negotiation in which the two sides were bartering over their money. even the first president of the afl-cio was impossible to bargain collective league with the government. if that is is actually had today. over the past several decades, the same public employees have conspired with congress to expand those powers even more. and you endlessly increase the budgets that finance them.

this is not done in the interest of serving taxpayers, it is done in the interest of policing them. because that is what happens when politicians start competing with the support of public sector unions, they stop serving the interests of people who elected them and start serving the interest of the government that they are supposed to be keeping in check. there is no better illustration than the news this week that the congressional hearings unionized employees at the irs about it $70 million in bonuses. $70 million in bonuses. the irs union is thumbing its nose at the american people, it is telling them in the clearest possible terms that it does not care about the scandal or how well the government works or how well it is even serving the

public. all it cares about is helping union workers get theirs. it is pure arrogance, and it reflects a sense of entitlement better suited to an aristocracy then a nation of constitutional self-government. it is increasingly appropriate to ask whose interest these public sector unions have in mind? the taxpayers? or their own? on this question, i will say that public sector unions are 50 or mistake. years ago i saw the dangerous potential for collusion between lawmakers and public security and when i served as executive of my own county. i fought hard against the

formation of public-sector unions and at the time there was a bipartisan agreement on this issue. most people realized it was not in the public interest. unfortunately, the appeal of union support proved too great for some and shortly after i was elected to the senate, they vacated my office and the dam of resistance broke. the existence of public employee unions is without question a big part of the reason people of so little trust in government these days. they are the reason so many state and local minas appellees are flat broke. they are behind public pensions. today i'm calling for a serious national debate about them. on the federal level, the first thing we should do is stop the automatic transfer of union dues from employee salaries at the taxpayers expense. [applause] if the unions want their dues, it should be incumbent on them

and not us to pay for it. the assault on free speech continues, and it is fairly an uphill battle. but if we are alert to the tactics of the left, and take these assaults one by one, i am confident that we can beat them back. let me give you a few final examples of what i'm talking about. right now there is an effort over at the federal communications commission to get groups that buy campaign ads to disclose their supporters. this is utterly, utterly irrelevant to the mission of the fcc. and we need to say so. the sec is being pushed to display their public supporters. this proposal does not protect shareholders and it does not protect governors. for the left, this is not about good government or corporate governance, is about winning at all costs. even if that means shredding the

first amendment and that is why we need to be vigilant about every one of these assaults. they might seem small and isolated in the particular, but together they reflect a culture of intimidation that extends throughout the government. a culture abetted by a bureaucracy that stands to benefit from it. the moment a gang of u.s. senators started writing letters last year demanding the irs enforce more disclosure upon conservative groups, we should have all cried foul. the moment white house proposed a draft order replying applicants for government contracts to disclose their political affiliations, we all should call them out. when the hhs secretary told insurance companies, back during the obamacare debate, told insurance companies that they could not tell their customers

how obamacare would impact them, we all should have pulled the alarm. as soon as we learned that left- wing groups were manufacturing public outcry for corporate disclosure at the sec, we should have exposed that for what it was. there might be some folks other waiting for hand signed memo from president obama to lois learned to turn up. do not hold your breath. what i'm saying that a court made a campaign to use the levers levers of government to target conservatives and stifle speech has been in full swing and in open view for all of us to see for years. it has been carried out by the same people who say there is nothing more to the disclose act then transparency and no more two other disclosure regulations than good government. but the irs scandal puts the lie to all of the posturing.

because now we know what happens when government gets its hands on this kind of information. when it is able to isolate its opponents and whether you are a pro-israel group, or a tea party group in louisville, they can make your life miserable. they can force you off the political playing field which is precisely what we cannot allow. there are a lot of important questions that remain to be answered about the irs scandal, but let's not lose sight of the larger scandal that has been right in front of us for five years. a sitting president who simply refuses to accept the fact that the public will not applaud everything that he does. this president expects the

public to applaud everything that he does. my plea to you today is that you call out his attacks on the first amendment whenever you see them, regardless of the target. because the right to free speech does not exist to protect what is popular, it exists to protect what is unpopular. the moment we forget that, we are all at risk from right to left. if liberals cannot compete on a level playing field, they should make up better arguments. what is wrong with the competition of ideas? if your argument is so weak that you have to try to intimidate and shut up your opponents in order to win the game? look, the only way to beat a bully is to fight back and that

is all of us need to do. be wise to the way of the left and never give an inch when it comes to free speech. thank you very much. [applause] >> we have time for some, comments. yes, ma'am. >> hi, my name is barbara from new york. is there any suspicion that intimidation goes beyond the irs and the things you mentioned? it is frightening considering that our government has things like stunt guns and star wars. >> i will not speculate where else they exist, where they already exist is pretty stunning. we have seen that at hhs.

they sent out a directive to health recoveries that they cannot tell their policy holders with the impact of obamacare would do to them. this is the same secretary that is shaking them down for money in order to run television advertising supporting obamacare. then of course over the fcc obama proposed an initiative that require you a condition to pursue what ever cause you may have to disclosure donors you are making advertisement. and then we have seen what is happening at the irs. the president himself has been demonizing these people and so the point i'm making here today is that it is not surprising that the bureaucracy would pick up on that. and think they would pick up on that and say that is what we are supposed to do. the ceo has laid out the game

plan, so i don't know what my else be going on, but the things we do know are going on our right in front of us and they are beyond disturbing. leave me, if this were a republican administration and these were liberal groups that were being subjected to this kind of treatment, this would be big news on the front page of "the new york times," on a daily basis. >> i am elizabeth, regular citizen. tank you for coming and educating us. day after day, we hear a litany of corruption and abuses which should not surprise us because we know that president obama has in his mind and is determined to fundamentally change and transform america. despite what karl rove advised, is there not any of these abuses

which legally rises to an impeachable offense? i'm sorry to put you on the spot, but you will not answer my e-mails. >> i think we need a thorough and complete investigation and let the facts take us where we will go. i am confident the house of representatives will have a thorough investigation, at least two committees i am aware of. they are pursuing this and a methodical way and i don't want to jump to any conclusions, i just love the fax to take us where they take us. i am prepared to say that the president and his political allies encouraged this kind of bureaucratic overreach by their public comments, but that is

what different from saying they ordered it. i think we need to find out who is responsible and the investigation will go on for quite some time. >> hello, a couple of your colleagues have proposed a constitutional amendment that would specify that no rights in the constitution would apply to corporations. i'm just wondering if you could react to that and maybe discuss some of the junta point is of consequences of that would be. >> give them some points for not hiding it. the constitution has been amended very rarely in our well over 200 year history. for good reason, it has served us well. they were not uncomfortable with corporate free speech when

corporations that owned newspapers or television stations were engaging in it, they only become uncomfortable ones of report said why should there be a carveout for corporations that own the media out and for no one else? it is an absurd proposal. >> what you think about the efforts of michael bloomberg to encourage democratic donors a particular amount of votes in the senate. >> he can express himself, and i support the right for him to say whatever he wants to. i obviously, from a partisan point of view, i hope they listen to him.

[laughter] >> i am part of the mccain institute and i'm currently a student at the university of texas and i am wondering about this issue, it seems like they are starting to notice obama's immortality is disappearing and that he is flawed. what will it take for them to go maybe it is time to see the light and understand that he is not all he's cracked up to be? >> i think it is keeping your eyes open and watching what is happening. simple observations. it is not surprising -- the biggest difference between the two parties today in america, they are the party of government and we are the party of the private sector. that is not that we should think there is no government at all, but they really trust the government.

that is why they are in such a tight alliance with a look employee unions who are the principal benefactor of larger government and to have little or no interest in bigger and bigger debt. to the extent that they have become skeptical, that maybe this degree of government is not such a good idea, that is an encouraging sign. one of the great things about being young is that if your health holds up, you get older. it is amazing how your views change as you advance in age and i hope they will simply observe what is going on. this is what you get when you elect a government that believes government is the answer. and for two years they owned the place. they had a great election in 2008. they can do whatever they wanted

to, and they did. $1 trillion stimulus, take over american healthcare, the student loan program, first four years of $20 deficits, they could do whatever they wanted to. the encouraging thing is that in 2010, they look to that initiative national restraining order. my guess is they were younger voters who began to have second thoughts. the president was reelected, but he did not have the kind of election he did in 2008. he did not flip the house am a change the senate much, it was status quo at the federal level. at the state level 30 out of 50

governors are now republicans. it was not a wiped out election. now we have divided government and divided government can do one of two things, they can do great things as reagan and tip o'neill did when they raised the age of social security and they did the last conference of tax reform, or even bill clinton when he joined a republican congress and did welfare reform. what has been missing during this time of divided government from 2010 until now is a

president willing to tackle the single biggest issues in country. it can only be done on a bipartisan basis, and the transcendent issue of our time is the size of our debt. what i have been waiting for with this president, i have plenty of differences with the president, he will be here for 3.5 years and what will he do? if you want to pivot and help us solve the biggest issues confronting your generation in the future, we need to try and do that, but i've not seen any evidence of it. i've not seen any evidence that he is willing to leave this ideological place or he is put himself in for virtually all of his presidency and move in a different direction. i have wondered the field from your comment, but i think younger voters are getting more skeptical because they are watching what is happening. >> npr had a story this week where they quoted if you left-

wing organizations that said they have undergone undue scrutiny as well, that they have been asked unwanted questions. don't we want the irs to make sure that those groups are not being given tax exempt status? >> i think it will be easy to get tax-exempt status whether you are on the left or right. i'll think the government should deny a status that should be rather easy to achieve. i am not a fan of harassing either right or left. >> i just want to follow up on that. this claim is being made that these groups are abusing their tax status, i'm not seeing any proof of those claims.

if they were not 501(c) organizations, presumably to be 527 organizations and from the standpoint of revenue collection does this make any difference for the federal government and the irs? >> none whatsoever. good point. >> senator, you mentioned about the fact that 501(c) organizations do not have to disclose their donors, and that is true that they do not have to disclose them publicly. i represent the national organization for marriage. donors were released by the irs illegally. would you support a legislation that they would no longer have to disclose their donors to the irs?

>> i have not thought about it, i assume you've given that case examples to the house republicans. >> yes, we asked foran investigation a year ago, but the irs will not give us a report because they are hiding behind taxpayer confidentiality and they are saying it is confidential. they will not tell us the identity of the individuals within the irs who were responsible for that disclosure. >> my bias is in favor of as much political speech as possible with minimal amount of government interference and harassment on the left or right or anyone else. i think the last thing the american people suffer from is too little political discourse. that would be my general philosophical approach to all of these issues.

there is a rational basis for groups like as not having to disclose, that is what the supreme court decision was all about. it is one thing to require disclosure when you give to a candidate or to a party, i do not oppose that. i think my voters and all of you should know who supports my campaign and my party. but these are not contributions to candidates or parties, these are contributions to groups and sometimes that does intersect with what is going on politically because it is important to remember that only those who get elected make policy. so, a lot of issues that people want to discuss certainly do intersect with the political discussion that is going on

because they might have views that are better represented by one point of view versus the other. to me, this is not a subject we should be alarmed about. that we should think is something that needs to be dealt with, i think it is something that needs to be encouraged. >> senator -- >> i have enjoyed you over the years, norm. you have been wrong about almost everything. [laughter] [applause] i've always wondered who has eaten lunch with you over the years. >> i have more friends than you think. >> some of the worst things that have been said about me have been said by you. you have been entirely wrong on virtually every occasion i'm glad to see what is on your mind. [laughter] >> one thing we agree on is that some of the worst things that are said about me have been said by you.

>> i didn't make anything up, i was quoting you directly. >> my first question is that in 2000 on "meet the press," you gave an eloquent defense on disclosure and why a little disclosure is better than a lot of disclosure. in the citizens united decision, we had eight justices including robert scalia and alito all caps give an all equally full throated defense of disclosure of all sorts including shareholders knowing what their companies doing in the political front. why -- >> of course that is not accurate. they didn't say was a matter of constitutional interpretation, i am sure that if we passed it they would not strike you down. with regard to disclosure, you

-- they would not strike it down. with regard to disclosure, you have to go back to the 1980's to find a time when i suggested -- which i did and i was wrong about it -- to find a time that i suggested that disclosure of 501(c) was a good idea. i made a mistake, the supreme court left that up to congress to decide and the democrats tried to pass the disclose act selectica the names of our handsthey could get their on the names of our critics and we want to make it difficult for them. >> let me ask one more question about 501(c). the law says that they are supposed to be exclusively welfare organizations, to believe that organizing for america and america's crossroad gps are exclusively welfare

organizations? >> the interpretation that the irs has had going back 40 or 50 years, i agree with. let me tell you what norm is really for. what he's really for is the government telling candidates for congress how much they can spend government mandated spending limits, and using tax money to pay for it. if norm had his way, he would push the private sector all the way out of the process of getting elected. you would file, the government would tell you how much you could speak and spend, the government would give you the money to pay for your speech. a total government takeover of the whole process from the time you file, to the time you're sworn in. what congress is that likely to produce? the kind that was to go the government because the government would be in charge of how they got there. make no mistake, norm is a good old-fashioned far left guy. i like him, he has been wrong for as long as i can remember

and it is great to see you i -- see you here. withbeen wanting to spar you for years. [applause] >> paul from cnn, the issue of immigration tuesday, one area that the two parties are comprimising. how do you think this will sort out? >> i am not doing an immigration press conference here. we will be on that matter for another week or so. how about that young lady right there? >> senator, thank you so much for coming. i was wondering, just looking at mexico and how they have had political turmoil and yet they are still pushing forward a number of substantial legislation and policy they want to get accomplished, they are still able to do that even though they have had a ethical political environment.

you said the president has been unwilling to negotiate and deal with the government that he is faced with. is there anyway we can work through that and the comp but some of the things he mentioned like tax reform, dealing with irs? >> i hope so. it is up to the president. the president and our system is unique. there is only one person in america that can sign something into law and only one person who can deliver to the members of his party. the speaker and i have tried to engage the president for 4.5 years to tackle the transcendent issue of our time, unfunded liabilities and our current debt which is stunning.

i think, as part of his responsibility, what i hope what he will decided to engage in a serious discussion about how to get an outcome to the biggest problem facing our country. we've not seen that yet, but i can't give up hope because he will be there 3.5 more years. we have do deal with the government we have, not the one that we hope for. >> do you have any thoughts about reauthorizing the anthony statute so we can get some of these investigations out from -- the independent statute so we can get some of these investigations out from under the thumb of his partnership? >> i have let that happily expire in the late 90's. i don't think it's her of the country well at all and i would well's served the country

at all and i would not be in favor of bringing it back. it was one of the post watergate reforms -- most of those have not worked out very well. i don't think going back to that would be a step in the right direction. >> hello, i am in internet freedom works and i was curious about what you are thoughts were on the nsa's overreach as far as wiretapping? how would you think it should be addressed? do you think it needs to be reformed? >> i will confine the discussion today to things that are largely related to the subject of my speech and the independent counsel is in a way because it was part of the post-watergate reforms. any other questions on the topic that we have been talking about this morning? how about right here? >> hello, i just wanted to -- in

relation to public employee unions and your decision to have them scaled back, i just wondered if you want to comment on scott walker and how that can be translated nationally in other states? >> i think it has been a remarkable success story. i might not have this totally accurate, but roughly accurate that once the employees in wisconsin were given the option of not paying their dues, apparently the support plummeted. meaning that the employees, when given the choice, decided that representation was not that important to them. regardless of whether you have them or not, the larger question i wanted to raisee today is the appropriateness.

that's why i went back to fdr, the appropriateness of unions in the public sector because in every negotiation there is a missing person, and the missing person is the taxpayer. the negotiation is between today's public official in today's union leader reaching an agreement to obligate the taxpayer and their future and there is no taxpayer there. i believe that is why fdr, at least initially, felt that unions are entirely appropriate in the private sector. i support private-sector unionism. there is an election, a secret ballot election, winners when,

and losers accept it. but it seems to be as fundamental a incompatible. if you look at the results of that, with the pension problems all across the country, virtually every state in the country is awash with pension problems. people that work in the government actively discouraging and bring the power of the government down on the people who think the federal government is too big. it strikes me that this is a 50 year mistake and it is time to have a discussion again of the appropriateness of unionism in the public sector. in the private sector, find. i'll have a problem with that. but because we are suffering the consequence is that. -- of that. i will take one more question.

>> first, an observation about norms comment earlier where he talked about social welfare. when congress set up that statue in the 50's, there is no evidence that they intended to exclude political activity. i wondered your thoughts about this. do people trying to improve their government, couldn't that improve the social welfare in our nation? >> obviously, that is my view. i think we should be encouraging this sort of thing and not discouraging it. the whole disclosure game has nothing to do with anything other than going after your donors. it would never offended by this

until the last few years when conservatives started doing more of that. all the sudden, this is a fairly recent outrage here. this is about nothing other than getting the names of your donors so you can go after them. we should be discouraging that in every way we possibly can and encouraging this kind of participation. this kind of involvement is the kind we ought to have and goodness gracious to have the government itself picking winners and losers in the game of political speech is ridiculous. thank you for being here so much. [applause] [captions copyright national cable satellite corp. 2013] [captioning performed by national captioning institute] a look at cybersecurity

and later the former fed reserve chair. when you talk about transparency to the american public, you are going to give up something. you will be giving signals to the adversary. the more specific you get about the program, the more specific you get about the oversight, the more specific you get about the capabilities. you have people sitting around saying, ok. i understand what can be done with our numbers and in the united states. i will find another way to communicate. i'll keep that in my mind. there is a price to be paid for that transparency. where that line is drawn in terms of identifying is out of our hands. if you do not do it one way,

there is a price to be paid. , fbi directord robert mueller makes his last appearance before the senate judiciary saturday at 10 a.m. eastern. on book tv, books and issues in the news. , immigration on c- span 3 on american history tv. interviews with house committee staff. in light of news reports about nsa program electing phone and e-mail records, the congressional internet caucus held a discussion today on privacy law and technology. speakers are from the cato institute and the office for national security. this is about an hour. >> welcome. those you are here and

who are viewing the program through c-span to today's program on privacy, the nsa, and your constituents from an internet records on the law and technology. my name is roger. board member of the internet education foundation. on behalf of the internet education foundation, welcome to today's discussion. let me tell all of you that the twitter hashtag for today's program is #icacnsa. for about 20 years, the internet education program has pursued policies on the education and done this in a completely nonpartisan and educational way. this includes the work of the

professional internet caucus advisory committee, of which today's discussion is apart, and they also include the net conference, mobile net, and get netwise, and we expect soon on internet applications. i encourage you to visit our website neted.org and learn more about the internet a education. -- internet education foundation. if you like our work, i encourage you to be one of our supporters. to operate due to the contributions of generous people like you. today's discussion is one of the series of discussion sponsored by the internet advisory committee.

the internet caucus advisory committee is made up of trade organizations, nonprofit organizations, professional organizations, businesses, and others who are interested in and supportive of a neutral and open dialogue about the internet and its activities and functions. like all such events, it is made possible true the support and leadership of the internet caucuses cochairs, senators leahy and thune. again, the hashtag is #icacnsa. and the website is neted.org. our topic could not be more important or more timely. we will conclude by 1:00.

the discussion will be led by mary ellen callahan, a partner with the law firm of general and block and former chief privacy officer of the department of homeland security. we all look forward to an interesting program. mary ellen, thank you. >> welcome everybody. i want to briefly introduce my colleagues on the panel. we will go very quickly and cover a lot of topics. we will try to keep on our time. alphabetically to my left i have alan davidson, a visiting scholar at m.i.t. and former director of public policy at google for the americas. next to -- for the americas. next to him is michelle, the legislative counsel at the americans civil liberties union. julian sanchez

from the cato institute, and at the far end, mike, a partner at steptoe and johnson and formerly worked at the department of justice. we are going to talk about these issues and the information. i will give you a brief overview based on public accounts and recent testimony. this is an overview of the accounts as we know them related to programs. this will help us inform and define the rest of the discussion. first, what is the national security agency and why was that getting the records? the nsa's technical and legal authorities of expanded over the decades to expand to foreign intelligence and counter intelligence and in the past primarily operated outside the united states.

the programs we are discussing today, however, direct the content of manage data directly to the nsa after the fbi secured fisa court orders to secure documents. in this capacity, nsa is operating as a technical service provider of sorts, receiving the information directly, but on behalf of the fbi and analyzing information under the fbi's jurisdictional activities. the fisa act as a 1978 law that has been modified several times. it was designed for procedures of election of foreign intelligence information between foreign powers, agents of foreign powers, as well as those related to terrorism activities since september 11. the original intent was to revive judicial oversight of covert intelligence activities. the fisa court has been appointed by the chief justice

to serve for a seven-year term. the fisa court is ex parte. let's talk about the programs. first, the collection of business records, also known as section 215 of the usa patriot act. the patriot act as the -- takes business records. business records are defined as "any tangible thing." they have the authority to produce on behalf of the fbi telephone records for communications between united states and abroad, or wholly within the united states including vocal telephone calls.

-- local telephone calls. the local orders are appeared to commence on the issuance of the fisa order and run 90 days. the leak -- if the leak is indicative of the overall process. according to the doj, the leaked order is one of two orders issued simultaneously to be read together. the other order outlines what the fbi can and cannot do with the access information. doj has also testified about the limit of access and use of this data and some of those internal procedures were disclosed by the guardian yesterday. the data includes the number that was dealt from, the number that was doubt to, the day and the time and the length of the call. the fbi received 21 business record fisa court orders and 96 in 2010 according to doj testimony. prism is section five of the

fisa amendments act. section five is designed to facilitate the acquisition of foreign intelligence information concerning non-u.s. persons located out the united states. it cannot be used to intentionally target any u.s. citizen, u.s. person, anyone within the united date. but a u.s. citizen may be the result of targeting a non-us person. section 202 requires that cable companies and internet companies such as google and yahoo -- it indicated there was direct access to the information and user profiles. as i understand it now, that has been corrected. at the piers the online -- it appears the online companies received fisa court orders, although how the information is accessed by the nsa has not yet been clearly defined. the order contains information for multiple accounts and can include requests for content information.

intelligence officers are able to add the names of additional search queries up to one year later. for all fisa court orders, companies are prevented from his closing they received a fisa -- disclosing the received fisa court order. this week google went to the fisa court to seek permission to explicitly state how many fisa orders it has responded to every year. general alexander testified the use of these programs stopped 50 terrorist events. for section 202 and 10 using business record information. he did not have a number on the percentage of intel of essential intelligence coming out of the use of the business records metadata information. that was very long, but i wanted everybody to be operating on the same acronyms and terms as we go

through this rapid pace questioning. so, i want to open it up to the panel and ask a broad overarching fustian. what are your overall observations about these programs as recently disclosed and do you distinguish the two programs from a legal or policy perspective? >> thank you, mary ellen. thank you for having me here today. a quick word of context to start off. american companies have for years received many, many requests -- legitimate request from the government to produce data. internet and telecom company specifically operate under very strict rules set forth by congress that require how they comply with those requests and they get thousands every year. a large company get thousands of these every year. google has added transparency report for well. lester they received 42,000 law

-- last year they received 42,000 law enforcement requests, not including the kind of request we are talking about today. microsoft without its report in march. they got over 75,000 request in 2012. i say all this because this is something that has been going on for a while in terms of producing information for the government and it is something companies take extremely seriously. i can say from experience, the monies, larger companies have companies,er have whole teams dedicated to doing nothing but producing information for government requests. they were 24/7, weekends and holidays. they supply information quickly when an important information -- investigation is going on. the question is not whether the government is going to get access or should get data to the content of conversations of

telephone calls, e-mail. i think that has been asked and answered. the question, and it is an important question for congress, is what are the rules going to be? what standards apply? when should companies be required to turn this information over? that is the question raised by these two programs. just to highlight two particular things about these programs. the first -- well, i should say actually the standards actually make a very big difference. there are big differences between them in the ways that the standards operate. most americans think about a war and, -- warrant, like searching a home, you see on television. someone goes to a judge, gets a warrant, sees probable cause, they search her home. we are talking about something very different where the rules are not based on probable cause, but your relevance to an ongoing national security investigation. the discussion with the judge

happens in secret, ex parte. those differences are ultimately very important. that is what is interesting about these two revelations over the last couple of weeks. the first thing is, i think in the context of the verizon order that was disclosed about what telecommute and haitians -- what telecommunications companies are providing, i think what was surprising was the breath of that order and the fact that it is happening without a lot of strict wiring to a specific telephone call. the second thing that i think was surprising was the prism program, what appears to be the apparent ease of access to content. this information elected in secret, potentially about u.s. nationals and people around the world. the question -- are the rules

that we have in place effective enough of privacy? and i would say it's not just a civil liberties issue, that it is a business issue for companies. that is why you're hearing so much. it is a business issue because if people do not trust the services, they will not use them. that will not be good for american business, but it will not be good for the government's ability to get information in the future. those are the issues that i think get raised. >> thank you, alan. michelle? >> thank you. we are disappointed to see that these tools are being used to collect information on everyday americans. over the last decade or so the

american has asserted it can be trusted to use the patriot act, the fisa amendment act judiciously, that this was about people overseas, not you and me. we know that is not true with the leak from the guardian. the phone collection company -- program, we know collects the phone numbers of everybody in america every day. there is the statement from members of the senate intelligence community that confirms this is going to more than just verizon. this is a regular collection program being done across the different phone companies. we also know the fisa amendments act is being used for the full collection of internet data. while it is nominally targeted at people overseas, it is regularly collecting the information and data of people inside the united states and that, the government is allowed

to keep and use that information for certain purposes. i think right now there are two things congress needs to be thinking about. one is further disclosure. this is really just the tip of the iceberg and you need to get more information. for example, on the domestic collection programs under the patriot act. is it just phone records or is it more? records are not protected by the constitution. that means e-mail records, financial data, e-mail information. there were 212 orders like this last year. did some of them get this information? we need to understand the legal underpinnings better. there are fisa orders supposedly under review that contain much more information about how the courts came to the decision that all of our records are relevant and can be sent to the nsa every single day. without that information it is very hard for congress to make an informed decision and have an

informed debate. i think there is enough evidence now you can go in and start amending the statutes, especially to 15 of the patriot act. of thecially 215 patriot act. it does not mean it cannot be used to surveil terrorists and spies. that is actually an appropriate use. >> thank you, michelle. julian? julian, can you put your microphone on? >> it is a very different programs. there are different concerns raised by both of those. i hope that they are distinct, because when we talk about the utility of them, you see that

one might useful and on balance, justifiable with certain limitations and the other not. and then we discussed them separately and two analysis independently. i will say they are similar in that they both appeared to represent element in a trend i think we expected or suspected of going on in the fisa court since 9/11, which is a shift on the restrictions from what could be required to the backend where you have very broad access and analysts have the discretion to select which things will be queried for search. which selectors will be entered to pull up particular phone records or e-mail contents and various backend procedures are

counted on to prevent that from being misused. i think that is, frankly, dangerous, in a way that the fourth amendment was supposed to prevent. that it was centrally about moving discretion in search engines from executive agents to neutral message tracks. instead of letting the agent decide which homes to search and have a backend review to make sure they were not indiscriminately searching too many homes, you would they, no, -- say no, you need an upfront weren't for this particular home you're going to search. the move away from that, especially given the scale of the surveillance, which i think makes any meaningful oversight really more of a chimera than a reality, as evidenced by the fact that their findings -- more validity.

i'm not sure if that is enough to make us comfortable with this shift from front end to backend restrictions. once you got data, you've got the data. the backend restrictions on you -- on what you last onlydo with it until you decide to change them. >> mike? >> as everybody has said so far, the two programs are very different. i want to make a couple of points. try not to feel whiplash when you hear me talk. sometimes i will sound like a civil libertarian and sometimes like a former law enforcement person. i have perspectives on both that is not inconsistent.

bear with me. with regard to prism, which involves the election of so- called foreign information, where the target is supposed to be a so-called non-us person located abroad. key points to remember there, what is learned about the way that activity is being conducted is completely consistent with the terms of the statute and i do not think anyone can seriously argue that it's not. if you read the statute, everything that has been described you can see is -- jives with the statute. what is not so clear is the way it has been described by government officials. you will hear nsa officials described the collection of u.s. information as incidental, which at the nsa is a term of art.

to you and me, you look it up, it means accidental, unintentional. that is not what nsa means. nsa means the u.s. person is not the target, but they could very well be collecting information about the u.s. person. and the examples pretty much prove that. they cite this is the case -- this zazi case, for example. they are looking for ties between four and terrorist's and -- foreigns terrorists and people in the united states. that is something we want them to be doing. but that collection is hardly incidental in the way that most people would use that term. i think it's important when you

hear terms like that thrown about in hearings to be more skeptical of what "incidental" means. if you look at the targeting procedures that were leaked and the washington post and the guardian, you are probably not supposed to read those things because they are classified and the executive branch will tell you you're not supposed to read them. so, just read the articles. they are meant to collect information about u.s. persons as long as the u.s. person is not the ostensible target. and once they elect the information, they can retain it, disseminate its if it has intelligence value, relates to a crime, can be added to a technical database, whatever that means. so there are a lot of authorized ways to collect and retain the information about u.s. persons. those are the points about prism. section 215. it has been described as a dragnet electing phone call

information about every person in the united states. that is apparently accurate. i do not think it is necessarily accurate to say it is spying on all americans. what is being collected is simply phone numbers. not your name, not the content of the communications, but all the phone numbers so that nsa can analyze connections, so they can see what phone numbers are known terrorist calling and calling back? inside the u.s. or outside the u.s. once they determine a phone number needs to be looked at more carefully, and then they will go at a regular pfizer -- fisa order which involves going to a judge and getting information -- a -- information. there are protections in place.

a final note about both programs really the important things are the minimization procedures in the targeting procedures. that is what all boils down to. exactly what are the rules regarding how the government gets this information and how it may use it. if you're satisfied those things are essentially protective, i think you will be more comforted with these programs. if you do not think that those are essentially rigorous, then you will be discomfited. we will talk about that in a bit. to me the key question is can you have meaningful oversight when these things are classified, so people are left wondering what are the minimization and targeting procedures? with the leak, that is a bit of a moot point. >> thank you, mike. that is a great segue. you ended on the question of oversight.

during the public hearing of the house intelligence committee, the nsa and doj discussed the business records used in prism. mike, i thought we would talk about those oversight elements and do you think they are adequate as currently constructed? then i will turn that question to the rest of the panel. thanks. >> again, i will start with prism. actually, let me start with 215. 215 has two essential oversight mechanisms. first, the order has to be approved by a federal judge. so, the department of justice will present an application to the court explaining what the basis for the order is and the court will have to grant the order.

so, that should give you some comfort there. as julian was saying, that is the archetypal vision of the fourth amendment. you have a neutral magistrate making a pass of what the executive branch wants to do. the problem with that model when it comes to 215 orders is the government has a very broad definition of "investigation." remember, the information has to be relevant to an authorized investigation. most people read that in the statute, they will say ok, the government is investigating joe blow, so they want to collect information relative to joe blow somehow. this is clearly not how it is working. the government is collecting phone records on all people in the united states. they are using an expansive investigation -- definition of investigation. if you say we are investigating terrorist and that is the scope

of the information, then the role of the judges is pretty minor. essentially a signature and that's about it. there's not much more the judges doing. the second item is congressional oversight and i think there are serious questions about whether congressional oversight is adequate. it's really just the house and senate intelligence committees that typically engage in oversight of intelligence activities. everything is highly classified. and you know, there's not a lot of history of pushback that leads to the executive branch changing anything. again, unless there is broader involvement by congress, there's a serious question about whether oversight is adequate. 215 is a very different animal. there you do not have a federal judge issuing particular surveillance orders. they can make these directions,

give orders to serviced providers directly. the only role of the fisa is to review the minimization and targeting procedures, give the ok, and then up to a year, the dni issues orders directed to companies. the second oversight mechanism thereto, is congressional oversight in the same points i made earlier applied. >> that's very helpful. i think we all want to talk about this. i'll try to be brief, but brilliant. >> yes, very brief.

two points. one about the court oversight here. it's important to remember this is not an adversarial process. know when is representing the interest of the people whose records are collected. it is just the government before a secret court. these are programmatic orders. they don't have names or accounts on them. the court is in making individualized decisions about who is going to be spied upon. that is left to the administration to decide later. both under section 215, the domestic phone collection program and the fisa amendments act. this is an area of law that has been litigated, decided by public court. we really do not know what they're doing. we have statements from members of congress confirming there are court opinions interpreting our rights from the fourth amendment about what the government is allowed to collect and how they are allowed to use it and that is untenable because the decisions have to be brought out into the light. i will end with that second point of congress's role. so far congress has allowed the intelligence committees to do

secret oversight of secret programs allowed under secret court orders and led to the collection of every american's phone calls. this cannot continue. we need to pull this information out into the public sphere so the rank-and-file members can understand what they authorized, so the applicant understand how the government spies on them, and they can make decisions about how these programs should continue. secret surveillance has not been working and through the information leaked for the last couple of weeks, it is clear that some of this information has unnecessarily been kept secret and your bosses need to make strong decisions about what is appropriate. >> thank you, michelle. julian? >> there is a great book called "eyes on spies." it sums up the conclusions of most of the academic literature looking at congressional

oversight of intelligence. it's pretty feeble. members of the intelligence committee continually assure us that congressional oversight is rigorous and effective, but that is not a conclusion many other observers have arrived at. with respect to court orders, the way the statutes are framed, very often the court has limited discretion to reject orders that are formally correct. that is if the application has certain formal elements and certifications, the word has pretty limited discretion in denying that order and more generally, it comes up pretty regularly in regulatory caps. the court will often get captured by regulatory industry and the regulation will become not a way of checking the industry but in forming its

interest. i there's a lot of that to suggest something similar may have happened with the fisa court which is meeting in secret with one side continuously, and one tidbit of evidence -- we know initially the congress and the meta data surveillance we've seen disclosed in the orders was done according to residential directive without court order. you ask him why is this court going to do this and this is legal under the patriot act? why didn't he do that from the beginning? i think no one thought initially that the patriot act could authorize this kind of action as broad as it was.

once it was under way, the court was able to be brought around into signing off on it even though no one initially imagined it was him thing that was in their power to authorize. >> alan? >> quickly, i would say transparency will be a key. but for congress and the public. the role of secrecy here -- a peculiar feature of the statutory operators were talking about, the recipients of orders are not permitted to even disclose they have received the orders. that is an unusual revision -- provision in our framework and it has made it very hard for people to talk about even the number in aggregate of orders being received. there is a lot in terms of the addition to problems about how the court operates, just understanding the sheer number of these and how the statutes are being used. second, there's a lot of

ambiguity about how you interpret this. mike talked about the issues of what is relevant, what is an investigation. it is often understood that companies receiving minas orders will enter into an -- receiving these orders will enter into a negotiation about orders they have received. there have been a few public cases of this. google did this in 2006. they decided to do two months of search data. it just goes to show, there's a lot of ambiguity about how the statutes are supposed to operate and it shouldn't rely on negotiation with private actors from the government. there should be a lot more clarity. the low hanging fruit is a lot more transparency about how the orders are working and even how

many orders would help a lot. >> thanks, alan. i will take my own objective to raise a few more elements. i completely concur on the role of the house and senate intelligence committees. i do not think this is what frank church envisioned when he worked on intelligence reform. they have the authority to oversee the civil liberties issues and i want to highlight that because that is something that is not addressed. i want to go to the deputy attorney general's comments in front of the house intelligence committee earlier this week when you said there was lots of internal justice oversight, internal oversight within the department of justice. the oversight body within the department of justice is the national security division and the national security division has many strong capable lawyers but the concept of having an objective review of whether it is necessary, i find to be a weak link and i do not know there could be objective oversight. and i also know the department of justice as a civil liberties officer in that role has been

vacant since august. it was notable the deputy attorney general did not note the privacy and civil liberties officer was part of the review, because the obvious question is, well, who is the privacy and civil liberties officer? i would just have those questions about the oversight. now, we will turn to the business records orders. the president defended that approach by saying "nobody is listening to your calls and the information collected is only metadata. the information about the calls placed, the duration of calls, and so on."

does this comfort you, panelists? >> your records are incredibly sensitive. it is not the content of the communication. that is no comfort. the government would not want them so bad, right, if they did not have incredibly rich, telling data in them. if you look at a phone record, and you will know quite a lot about who you associate with, where you go. perhaps you are calling a cancer doctor or a lawyer who specializes in divorce. you can learn a lot. whether a congressperson is calling his scheduler at 3:00 in the afternoon or 3:00 in the morning, right? it is the content. the administration points back to old case law developed in the 1970's, saying because they are records there is no fourth amendment protection.

i think a lot of us think when this is revisited that decision will come down differently. the way we live our lives is very different. if you participate in modern society doing everyday things, these records reflect a lot about your life and they need to receive heightened rejection. -- protection. we can't dismiss this as a very minor intrusion. >> fellow panelists weigh in? >> twitter said the only time it makes sense to say "just metadata" is that a star trek convention. [laughter] >> why i agree with a lot of the points, i am comforted that it does not involve content. i think there's a difference between the government knowing what numbers i call or have been called i and the content of contentd by and the of those communications.

i think there is a real difference. even though you can make determinations about a person based on whom he or she is calling. the greater comfort comes from the rules regarding how the government uses the information. again that goes back to the internal procedures. if there are in fact rigorous procedures in place that the government will not look at the u.s. person, me or you, unless there is reason to believe you are somehow engaged in clandestine intelligence activities, i.e. spying, or terrorism, and they do have that suspicion and they need to get a court order, then i don't have a problem with that. when you think long-term about how much destructive power an individual can have now and is going to have even more off at -- more of as technology advances, there is got to be a way to keep track of individuals better than we do

now. it's a scary thought and that but no one really wants to confront, but it's an issue that's going to keep coming up and keep coming up. and in the worst case scenario, when an individual brings a suitcase nuke onto wall street and detonates it, the question is going to be, the government had this technical capability to keep track of people, but didn't use it? why? that will be the scandal. it's always a better idea to examine these issues and come up with a democratically agreed to set up procedures now rather than after an incident when the situation will be far worse from the civil liberties perspective. >> i will just add really quickly, first i think many people would agree there is a difference appropriately between the content of information's and other data about conversation.

we'd need to recognize there is a big of trend here. we create more and more of a set of data. -- meta data. there's more happening in the section of big data, creation of more and more data about us. i think there needs to be a conversation about data about us at scale. it comes back to the discussion about transparency. there are questions not only about targeting, but also how long is this information kept? how do we protect against mission creep? there's a lot of good work about the accountability of the system, a lot of technical work but it's very hard to know without having more transparency about how the systems actually >> just to end this portion of the conversation, my reaction to that is the collection first

onset of this metadata is -- it is probably on trend to say "well, it may be useful someday." i may buy size 2 suits because someday i may be size 2, but i may never be. the court records to obtain this order was not tangible -- i find that to be a stretch of a legal argument. so, with that said, we will turn to a slightly different points. let's talk about the justification. those nuclear bombs down on wall street. general alexander stated 50 terrorist events were stopped due to these programs. does that factor into your assessment? and what about the smaller nature of 20 terrorist events, with no specifics on the business records?

julian? >> a very brief coda to that last discussion. we are talking about metadata -- i'm not sure to what extent that continues. the distinction between content and metadata is not as sharp when you're talking about what site he person is visiting. that's effectively a description of the content they are accessing. in terms of the terrorist events that have been disrupted, a little background here. one of the very first inspector general reports on section 215 said the first use of 215, after being unused for several years, was essentially because the rector says, the congress will be reviewing our use of215. we better stop -- we better start using it so we have something to show for it.

i don't think that is nefarious, but there is perhaps motivated reasoning in play, because the desire not to use authority, whether or not it will be used in the future -- i'm not saying the fbi should be seen in that light. as we look at the specific cases described in hearings earlier this week, i think what we see is what at first it seems like fairly dramatic claims -- dozens of terror plots being foiled -- looks a lot less dramatic under closer scrutiny. if you separate out 702 from 215, actually 40 of these terror of vents, whatever that is, were overseas, so those may have involved prism or half may have

involved prism in some significant way and you have 10 or 12 that are domestic. and then if you start looking at those, how many used the metadata program specifically? well, the majority, we believe. so, six or seven? what are those cases? finding someone who had been donating money to al-shabaab, the ethiopian terror group. it is not clear that that is a terror event. zazi found through an e-mail address. not clear why a more targeted use of that would not have been possible.

there is another case involving the supposed lot bomb of the new york stock exchange. was it a serious plot? the director of the fbi said, the jury thought it was serious because they were all convicted. it turns out that there was no jury trial. the people were convicted of the essential support of a terrorist organization. again, money. the new york exchange part of it seems to be that the u.s. person scoped out several terrorist targets. it appears to have been abandoned. the u.s. attorney who works that case said there was no specific lot. -- plot. i think we should treat with skepticism if these are the showpiece cases they are bringing up to justify the old collection of all americans phone and possibly internet records, it is not clear that the justification that passes

that cost-benefit test. if you have general warrants to search any suspected place, yes, it turns out when you are investigating crimes, the thing that you use to help solve those crimes would be the general warrants. if we have a system where warrants are based on probable cause, that is what you will look back and see being useful in solving crimes. the question is, what are the instances in which only this broad authority and not traditional and more targeted authorities will do the job? there are types of analysis where you need the entire body of records to do fingerprinting of various kinds or pattern analysis. but these are not really justifications of these programs. their justifications of the ideas that phone records should sometimes be obtained which no one has contested. >> other colleagues want to talk

about that? >> i fully agree with julian that the cases are not really what they are made out to be. in spite of what general alexander characterized the numbers, when you look at testimony, really only one case but they talk about where 215 collection was instrumental, and that was the case of the fellow who gave i think $8,500 to al- shabaab. other cases, yes, 215 was relevant, but there's no indication it was instrumental or thwarted the terrorist attack. i think that's important to really probe. i think that something congress and intelligence committees should really grow. what role did these programs play? one point about prism, the collection these programs engage in are these sorts of programs that nsa could do outside the

united states with no court order whatsoever. that is its raison d'tre. collection of information outside of the united states. the reason that fisa was amended to section 702 was today so many international communications passed through the united states because of the way the internet is designed. for nsa to collect that information, it's much easier for them to do it here in the u.s. by basically wiretapping the major providers and the united states and the backbone providers in the united states rather than going abroad and trying to monitor everything there. when you think about their authority,, they are not really being authorized to collect anything more than they used to collect. they are just being authorized to do it within the united states. that is sort of the whole point. for me, that makes it less

problematic if you look at it from the 12,000 foot level. >> that's a very good point, mike. michelle? >> i agree with everything julian said. just to highlight you are being presented with a false choice. the question is, do you want to spy on terrorists or don't you? that's not the question. the question is, are you going to spy on the rest of us in the meantime just in case? that is not good police work. it violates the fourth amendment. just remember, over the last 14 years, you have the patriots -- the patriot act, the creation of the apartment of homeland security -- >> hey! >> [laughter] isn't there intelligence reform? >> then you have intelligence reform, the creation of homeland

security again, the rewrite of the fisa act. we are talking one level program on one tiny piece of continual expansion of mini programs through mini agencies. all of those tools are still available even if you stop spying on american phone records. do not think of this as not spying or spying, but whether you will include americans. >> thanks, michele. we will end up with an overview. one of the issues is to address the growth or development of the internet. so, panelist's, how do you think the disclosure of two programs will affect the companies and will it impact of the internet economy overall? again i will use a little discretion and say i have three

points i want to highlight. having gone to 20 eu member states to talk about government information carrying in my role as the u.s. department of homeland security privacy officer, and to say, don't worry, this was only used 96 times in 2010 -- i'm going to tell you. the relationship with the european union and the european commission are likely irreparably damaged. i used to say, no, believe me. don't worry. it will be fine. they would say, we don't believe you. you lie to us about guantanamo. you lie to us about rendition. now they have a third one in there. i also think that the concept of government and transparency has been harmed and particularly the nine named companies and at the

same time the other elements, the other companies operating in this space, will have a cloud over their heads, saying, well, are you participating in this? what is the access? the point on transparency is going to have to be a thing we development. to affect the internet economy, there is something in the privacy act called the ick factor. you can't define it, but people say "ick!" i think that will affect the government use of this data. alan? >> i think it's more than just the nine companies but the real impact on the broader internet communications economy. i think that we know people do not want to use services that they don't trust them. the last two weeks have not been

good for trust of major u.s. and internet medications companies, which is partly why you are hearing so much about why they are trying to, in their eyes, protect user privacy. you know, the director talked about this in his testimony from a different point of view. he said the disclosure will drive people away on the u.s. services and that is a damaging thing. i would say that is a damaging thing, but it is the existence of the services and the lack of transparency and oversight that is going to drive people away. we know people have choices out there. this will embolden the competitors, the services that are abroad, it will drive people especially if we do not address what the rules are -- it will drive people to use other tools. it will drive people to send their traffic other places than the united states. it will drive people to using

creation tools to protect their information so they cannot be surveilled. that will be damaging to industry, of course. but ultimately i would argue it is damaging to our ability to conduct the kind of surveillance that is really important. oversight and transparency are good for our ability ultimately to do this kind of surveillance, to give law enforcement the kind of tools we want them to have. i would say it is a false choice. we want our government to have the tools at its disposal, but we want them to be careful tools and we can do that with good rules and good tools, you have to be able to talk. you have to have a real conversation about how are the capabilities being used? are they being built in such a way that they will protect privacy over time? i think it's oversight and transparency is key to that conversation. >> thank you, alan.

michelle? >> i guess this is hopefully just the beginning of the disclosure process that will continue. and release more information about what information the government is collecting and being used. there's still a lot of questions left that we hope you and your bosses will pursue so you can make informed decisions about the value of these tools. this information will continue to be created by these companies. we will continue to use it. right now we do not have any option about whether we share that information with the government, and really the answer is going to lie with you as congress. it's incredibly clear that the administration will continue these are brands without any limitation. that the court will sign off on them. and if there is going to be more

oversight or judicious use of them, it's going to have to come from the direction of you guys. >> thanks, michele. julian. >> the fact that such an enormous percentage of traffic goes through the united states is a factor that will remain true until other countries decide that the cheapest tag for the packet is too costly. and the fact we are having this debate and the assurance were given that do not worry, we have this rigorous check and balances procedure. most of you cannot look at them on the guardian side. there are loopholes. we have all of these procedures in place. they're only people outside the u.s. that can be spied on. that does not play as well

overseas. it is no fun if everybody agrees. i will disagree. just for the sake of being the difficult -- doubles advocate. we can go through a few categories. i do not include the harm will be that great. with regard to europeans, of course they are going to complain. they always complain. they are coming from the eu officials in brussels. they are not comic from the presidents or prime ministers -- they are not coming from the presidents or prime ministers? why? they didn't information from us for their countries. the presidents meeting with angela merkel holmer she had to make a sour face. she acknowledged. not going to be much

lasting effect on our relations with the europeans just like with previous revelations of programs. in regard to the nine companies, there would not be lasting damage. even in short-term damage per how many people stopped using gmail or yahoo or any of the other services that were listed as being recipients of the demands for information under 702? very few. if you want to protect your privacy, you can use those while using other software. encryption software to protect your confidential communications if you want. there is very little choice. we entrust our most intimate , yahoo,to google facebook. that information is mind. it is shared with other companies we have no idea about. they deal with our information and so i do not see a huge

definition of trust. damage to our capabilities which is what the government officials have been citing. yes, there is damage in the short term now that the details of these programs have been refilled. there will not be greater damage long-term. our adversaries have to communicate. they may spend 90% of their communications and take efforts to avoid surveillance. two percent of the time, they are going to slip up for convenience. that is why wiretaps are still useful. they are no -- and they know they are being watched. will still make that phone call. -- they will still make that phone call. the damage i see is to our open society and democracy. if so few people really understand that these programs know thevery few

details of these, that is a problem. that means the executive branch is effectively running the show with very little oversight. exacerbated by the fact the president determines what is classified and congress has to ofy or think it has to obey what can be classified or shared. that is an area where congress can push back. congress has the power of the purse. as congress does not think it is getting enough information and what the second bridge is doing, it can cut off funding. -- and what the executive branch is doing, it can cut off funding. the is what makes congress most powerful burst. the question is whether it was to exert their power or not? thank all of my

catalyst. i want to leave you with a question. just because the information out there there does the government have a right to access it? will all have to struggle with. i will turn to roger to close out our luncheon. >> thank you very much. for those of you viewing us on c-span and those of you who worked your way to our conference room, thank you for joining us in this program of congressional internet caucus. as i said, if you would like to or ismore objective these sponsored, the internet educate foundation of a please join us -- foundation, please join us. you can learn more about these programs. on behalf of of the caucus advisory meeting, please join thanking our panelists.

[applause] in washington journal, we'll talk about the federal reserve plan for its stimulus program. followed by issues important to younger americans including student loan interest rates a useful implement. we are joined abide matthew siegal. state officials use a photo database of one to 20 people to identify suspects in criminal investigations. o- 120 million people type an identify criminal investigation. >> this a challenging time for people who are conservatives. who would have not only a democratic president but a quite liberal democratic president who has been

reelected after putting into place some ideas and programs and projects that are very wrongheaded. the public had a chance to think about it. they reelected him. it is a challenging time also an exciting time. , and many others are trying to do is modernize conservatism. in the conservatives country think about how to confront the challenges of the 21st-century. neither side is doing is doing a very good job of that. there's a lot of opportunity for thinking about what american the 21st century needs to change about the way it governs itself area to get better -- back to economic growth and a kind of cultural revival that we need. it is challenging but exciting. levin. with yuval

>> up next a discussion on cybersecurity for u.s. businesses from the wall street journal network annual conference. this about 40 minutes. >> this afternoon, we are joined by michael daniel and richard bejtlich. richard is with mandy and and michael is with -- the white house, side -- kind of a cyber coordinator, cyber czar in the white house advising the president on policy. we're going to talk about the primary issue i'm pretty much the mind of every ceo we talked to that comes through the journal. inevitably the conversation returns to cybersecurity. up until now we have heard extraordinary language. the administration has said this

is the largest left of intellectual property in the history of mankind of that has been going on for the last couple of years. the pentagon has a couple countries as being propagators of this, china particularly. 9:00 in the morning until 5:00 in the afternoon shift accessing government computers and military contractors. there was an extraordinary report earlier this year that identified china, the pla, right down to a building outside of shanghai, i believe. where this work was being done. we know it is a bad problem. all of us have these great concerns. today we're going to talk a little bit about some of the solutions. as soon as i get my ipad back, i'm going to call -- ask a couple of audience response questions about how much you believe you have already been

hacked. since i'm waiting for that, why don't we just start? rich, you worked on the china report. your company is in the is this of helping the private sector, like companies represented in this room, mitigate these problems once they start. what question should cfo's, a lot of whom have the cio reporting to them, the chief information officer, what questions should they be asking these days about their company and hacking gecko -- hacking? >> there are three questions i recommend you ask your cio or head of security. the first is what is the classification for all digital incidents in the last quarter, the last year? you want a number.

trending over time is ideal, but any number to start with. secondly, what is the amount of time from the time that event occurred to win someone dealt with it? the average of all those incidents. the third question you want to ask is, is our company a member of something called first. first.org is the website. for example, you might have several intrusions per year. the average containment time, if you want to use that term, is days or hours. and we are a member of first. thumbs up. you're doing very well. more likely you will find out you do not know what the count is, you do not know how to quickly you're dealing with those problems, and to not a member of that organization.

there are ways to get there. i had a discussion with general electric in 2007. the answers were don't know, don't know. all right. so, the last report we created showed the average time for that second question was 240 days. now, eight months of having an injured or do anything they want before anyone moves -- that's one of those felt the groups. we are not talking of garden righty kid in the basement. we are talking an advanced intruder. two thirds of the time, you are being told by the fbi or an outside agency. when i worked at ge, our cio gave us a one-hour mandate. he said, any computer in the company, within one hour you up

to find the intrusion and contain it. that is the goal to shoot for. if you can do it in one hour, it takes a very elite team to execute their mission to steal your data within that window. >> did you achieve that? >> yes, but it's a nine to 12 months of loss of investment. >> was that a computer anywhere in the world? >> yes. >> china, india, where ever? >> yes. >> give us a sense of that. how many hours, hamid people? >> we started out in 2007 the literal army of one. i was the first person to be assigned this problem. we had 13 people. we had -- a seat per year. >> what you mean? >> per employee.

>> that does not seem much. >> when you're charging $.25 per seat for antivirus, it's pretty significant. >> oh, i see. is that something that could be duplicated at public dump in these -- >> no, absolutely you can duplicate it. the problem is this is not a problem you solved by buying some kind of vendor products. i'm a vendor. if someone tries to sell you a shiny new box and say, just put this on your network and you'll be fine, you will have the same problem you had earlier. >> a 24-hour monitoring, and they would call with some suspicion -- >> it's even more than that. it was not sitting waiting for calls. you're out there looking for those guys. that is the key. you cannot sit behind your wall

and poke your head over and hope no one is coming over. you have to be looking. we coined the term "hunting" for the adversary. do not assume you are clean. the chances are he's already there. you have to be there looking for him. the more you do, the better you get, the faster you get overtime. >> you have polling questions and it is right there on your ipad. you can answer right there on your ipad. and there are techs in the room who are happy to tell you. how many of you have lost proprietary information to hackers? yes, no, don't know. has anyone else, any other large company duplicated this general electric model of a one-hour response to an intrusion? >> i would say -- i don't know

specifics around to be one hour, although the idea of aggressive on the network is widespread now in the defense industrial base and also the financial sector. and there are elements of other sectors too about this constant contact with the adversary over the last several years you are adopting that model. as you it quite a bit in the energy sector as well. >> absolutely. so by hunting, there are certain types of code you look for or ip addresses to look for? >> yes. artifacts, elements of the adversary you can look or and when you find it, you say he has been year or has been here. now we need to kick him out. >> ok. >> the other question is we always recommend to the company, do you have a mitigation plan if the bad guys do something, not to steal your data, but to do something to your data, do you

have a plan? have you tested it? >> what kind of responses would you get? >> it's all over the map. some companies have good plans they have tested. they probably had something bad happened to them in the past. others have no idea. >> the saudi example. >> that was a distrusted attack on their system where they wiped the master boot records off about 30,000 hard drives. >> what was their backup plan? >> they didn't have much of one. i think the open source

reporting lately showed they operated, limps along, maintained their businesses to buy tapering facts until they could reconstitute by literally rebuilding their network by purchasing new machines. probably not the way you want to go about it. >> 42% of you have lost information to hackers. 27% say you have not, and 31% say don't know. if you were to look at the stats, what would you make of that 27% and that 31%? >> i would say the 31% are being honest. those of you saying "no" need to get with your i.t. and security staff. it does come down to a question of definitions. not everyone in this room -- guessing who is in this room, not everyone in the room is necessarily a target of espionage. but then again, knowing who is in the room, i'm guessing that many of you are. if you do anything interesting and you have data that reflects what you do, you're a target. if you're doing a negotiation in china, if you're doing a joint venture, if you're going to

acquire a company in china, if china is going to acquire one of your companies, any one of those situations. they have stolen your data, they know the negotiations, they are sitting there with your plan translated. i'm hearing people say yes. this is the new reality of dealing with that sort of adversary. it is part of their business process, it is part of their due diligence when they are doing a deal. >> when you're across the table with someone who seems well prepared it is because they are. if you could give us a response to this. have you been contacted by law enforcement about an intrusion into your network? have you been contacted by law enforcement? michael let's turn to you while we're waiting for people to answer this. a lot has been proposed by

congress. there's no end of mashing of teeth over there. they get this. a lot has been proposed in congress but there has been a fair number of speed bumps of this. that is part of the result or the reason for an executive order. can you quickly walk us through where the legislation stands and what the executive order does. >> sure. the first point i will make is the fact that it is taking a while to get to legislation that can pass both the house and the senate and the president can sign, shouldn't come to a big sur price. thes is a hard -- surprise. fact that we are having a good

healthy debate about this issue in congress and the right way to solve the problem is a good thing for us. i think it will produce better legislation in the long run. i will much rather do it this way, through this process, than the immediate aftermath of a crisis, which does not tend to result in the best legislation. >> you can argue that we're already in the crisis. >> yes, but i'm thinking of something more destructive in result. what i would say is you've seen the house has passed a version of its information sharing bill, which usually goes by the acronym of fsspa. the senate is in its own version of that bill. there's other security bills floating around the house and the gnat homeland committee. the commerce committee has a bill and there's several others

from the armed service committee in various forms. what you see right now is there is a great deal of movement in the legislative front. what happened last year and what led to the executive order is that the legislation stalled out, particularly in the senate. they put together a very large bill, which ultimately couldn't get over the process hurdles in the senate. what the administration decided to do was what it could under the executive order, which if president signed the day of the state of the union back in february. the executive order is focused on doing three things. one it's focused on driving federal agencies to do a better job in pushing information out to the private sector. increasing the volume and the timely of information that we share with the private sector. the second thing it does is it brings in the civil liberties protections based on the

principles and phase those into all the processes that the federal government is using in the cyber security area. lastly, it directed the institution and standard of technology to lead an effort to develop a framework of best practices and standards in cyber security. in particular, we can apply to critical infrastructure. in our minds the framework would be useable by almost any company. to raise the level of skibe security across the board. it would not deal with all the threats that richard was talking about. >> it's a pseudoname for china, russia. >> whether it is state sponsored or -- there's some cyber criminal organizations that rival countries with their

technical capabilities. we want to raise that base line level of cyber security, particularly our critical infrastructure across the board and that is what the executive order is aimed at doing. now that we have the executive order signed and we're about just over few months of implementation we're back working with congress to get this over the finish line. >> this would be voluntary. what are the insensitives or penalties for a company running what is defined as a critical infrastructure to partake in this? >> so that is one of the things we're talking to congress about in the legislation that you see. some of what is out there is a discussion of what the incentives would be to encourage the uptake in the framework. one of the things that we would love to see is a development of market in this space.

one of the problems is that there's not enough data to do the underwriting to enable an insurance market to thrive at the level we would want. if you can encourage some of that to develop, that would be useful. that is something that there's a whole series of reports on incentives due to the president that were turned in. we'll make public the first part of july. >> if i'm a company and i'm sharing information with you about my customers that you need to have as the government or as a third-party organization, i'm the liability issues. >> yes, where the administration is we're very clear that we support targeting liability protection, particularly with sharing information back to the government. one of the things i have clearly learned that the more we have dug into the issue the more and

more complicated it gets. being able to translate the principles that i think almost everyone greece with and translating into that into statute -- statutory text that the lawyers say it is working, that is something we're spending time on. >> have you been contacted by law enforcement? 34% say yes. we kept you busy today. 66% of you have not checked your voicemail, i suspect. 56% say no you have not been contacted by enforcement regarding intrusion. what is critical snusht? where do you draw the lines? is it dams, food services? >> that is an interesting question. we largely work off of what the department of homeland security has defined in the protection

plan as critical infrastructure. there's about 16 different sectors that include things such as electricity, oil, natural gas, transportation, health care, water supply is part of it. i think there are varying degrees of concern and risk but that is largely the universe we focus on. >> so you're advising companies, richard. does this plan, this legislation, these initiative business government do, from the stand point of private companies that seek your companies advice and your advice and similar services, does this plan make sense? >> the companies we talk to they are concerned about liability protection. there's generally no upside to reveal that you've had an intrusion. there's differing thoughts on what is material if you're a

publicly traded company enyou have f.c.c. requirements to report to your shareholders. we find that companies -- give you an example. only a few organizations have come forward to say they have had a severe intrukes from china and places like that. google, new york times, it is very, very rare. when you hear about an intrusion because personal information was stolen an the company is trying to comply with the 47 different state laws. >> right. >> there's some desire, i think for some type of overall legislation that would allow for one reporting standard. just to give you an example. the state of south carolina, their reporting costs to tell their citizens they had lost data was $12 million.

that was well, well above the cost of responding to the instrution. it was all the -- instrution. >> so security was breached and there was with requirements to make it public on whose data was breached? >> $12 million to exspearns for a credit bureaus to do credit monitoring for so many years so that was the bulk of the costs. of course, as a state, they had probably less -- it is not like amazon was breached and has customers all over the world. but still, that is a significant chunk. we would like to see something along the lines liability protection, easier way to share information. those are the things we hear from our customers. >> where is the government's responsibility end and

businesses begin? what is the -- you know, what is being breached here? what are the borders? the u.s. protects its physical borders. is the u.s. responsible -- is the government responsible for protecting these new cyber borders or is that business? >> that is the fundamental question we're trying to answer in society right now. what is the government's role in cyber security? what is businesses role in cyber security? in cyber space, a lot of people talk about it like it is some sort of, like, a dimension not connected to the physical world. but all of those box, servers, wires, they exist somewhere. they exist in someone's country. they are on territory somewhere. that means that cyber space is connected to our physical geography. so geography matters. you cannot map the rules of

physical rehm into cyber space. i think you can make a credible argument that there is no such thing as security. everyone lives at the border. you all live at the border, every single one of us, in your personal lives or corporate lives. it is physically impossible to assign the role of border security to the federal government like we do in the physical realm. it has to be a shared responsible between the government and companies and individuals. i think trying to work out the burdens of the responsibility that is what we're trying to do right now. one model we talk a lot about is, because of that should we think more about the federal government's role in cyber space as one as disaster management? in the physical realm, the government runs the national weather service. we collect information from weather stations to generate a

weather map so citizens and companies can know if a bad storm is coming. one of the roles you can foresee is provide that kind of service in cyber space to provide that indication and warnings of what is happening out in cyber space. and then, to extend that model further, if you have an event that overwhelms local capacity, that is when the federal government would step in. just like not every storm in the physical world facilitates a federal response. but if it gets large enough and bad enough that's when the federal government steps in. that's one model. i don't know if that is something that everyone prescribes and believes in. but that is the kind of discussion we need to have. >> privacy is a big part of this discussion. how much citizens are willing to

allow private companies to share with the government and the government to share with private companies because the sharing has to go both ways. that is far from being resolved. are the disclosures that we've been watching over the last couple of weeks about n.s.a. activity, is that informing that debate? it seems there has been sequestrations on the fact of the n.s.a. that have resolved some of these sticky questions. >> i think it does highlight the fact that this is an ongoing issue with all of this information. the administration has had a strong stance from the very beginning in our cyber security legislation. we have to bake in civil liberty concerns from the get-go.

when we set up the sharing, particularly from the private sector back to the government, we want to make sure that the -- irrelevant personalable information is stripped out before citizen to the government. we want to see that happen. we want to make sure there are appropriate use limitations on information that is shared with the government. meaning that the government can only use information shared through cyber security channels for cyber security purposes. those are the kinds of protections we want to bake into the legislation and make sure they are a part of how we set up the information sharing routines. >> when you hear about the plan, the types of the information that the government is interested in seeing is not customer information. >> it's not. >> take a look at the mandate report.

go to the report and download it, you will not find a shved of personal information in that report. it is all ways to find intruders on the network. there's no personal identifiable information on that. no one in the private sector wants to provide it, no one in the government wants to get it or provide it back. >> let's go back to the n.s.a. for a second. >> are you sure we have to go back? >> yes, we do. what lessons do you think -- what lessons have you observed? you were in the air force and security network systems and the private sector. what lessons are we learning from the n.s.a. disclosures? is there maybes a higher tolerance of sharing of personal information and listening in on

people than perhaps we thought? the polls are showing a split. second, what went wrong from a security standpoint at a national security agency that this information got snout >> the take away i have is if more and more comes out it is confirming what people like myself and others have said is that, the united states targets, what we consider legitimate sources for information. meaning, foreign military, foreign government, foreign intelligence services. we do not hack into other people's networks to steal information for economic gain. i have never worked anywhere that has received stolen information obtained by u.s. government hackers. that is not something that happens in our country. when you hear the chinese say

you do it too, that is not true at all. if the chinese or russians had constrained our activity to u.s. government, u.s. military, u.s. intel community, state department, whatever, that is acceptable. that is what governments do to each other. >> we don't hack telecom company that we suspect of security breaches around the world. we don't hack the big national military maker? >> no one has said they are doing this. i can't speak to any sort of ongoing operations like that. but it is a state policy of the government and like-minded governments that you don't do that sort of thing. some people say do that. but that's not the way the united states conducts operations. >> what happened at the n.s.a.,

how this stuff got out? what do you think happened? >> i don't know. i was coached not to speculate. i'm not going to speculate on this one. [laughter] i would say it does illustrate that insiders can be devastating and by far, one well placed insider can be very devastating. >> we're going to go to questions in just a second. i want to address one more issue before we do. you can send questions your ipad or raise your hand. one more question is this about hacking back. my company should be allowed to hack back to retrieve stolen information or prevent exploitation. this is in the news this discussion has gotten going. my company should be allowed to hack back. 32% agree with that.

68% disagree. should companies be allowed to hack back? get their stuff, maybe freeze up someone's computer that they find their data on? >> it is my professional opinion the level of effort to do that in a responsible way and to get a decent return is too high. you're not going to -- you're going to counter more troubles doing that than you would if you just focused on defending your network. >> what is your troubles? it feels good. >> i will not deny the number one question when guy to any sort of company and they say what do we do? i want to go get these guys. who are they? everyone has that emotional response. we try to take them off the ledge and say it is not worth it. it make for a good buzzword. it is what we have government for. it is what we have law enforcement for. >> it is illegal now. you're not supposed to do it.

>> most people say it is legal. it's the law. >> among those people consider it illegal. >> there are companies that have reports based on them hacking into other countries and publishing their results. >> other countries have different rules. we say the costs are too high. what do you mean by that? >> whenever i have talked about this and wondered about this general councils say they don't want to expose ourselves to have allegations that company x is attacking and it is seen as too duress. >> something that the administration is thinking about from a law change standpoint to allow maybe more black ops? >> no. what we are talking about is, do we need to look at liability protection for companies taking action on their own networks?

for example, if you block legitimate traffic because it is coming from a compromised host provider someplace and you might need to be protected from that. that is taking actions ins a defensive capacity on your own network. we share very much, sort of this idea that sort of hacking back into other people's networks is going to produce worse results the unintended consequence will be far worse than what is achieved. granted the satisfaction of hitting back, i understand. i don't think that is a productive space to be in. it is one of the things we talk a as normal behavior in cyber space. we don't want to turn cyber space into the wild west anymore than it already is. >> the comparison has been made or the description has been made that you shut down a serve their

was serving the person who was doing the hacking but that server was also serving the hospital next door. we'll take questions now. i will go the ipad unless there is one -- right here. yes? >> very imimpressive results on the one-hour response team. when you got to your ideal state and assume infiltration had taken place, were you able to identify what was taken? >> maybe not right away. but you do bring up a key point that i need to mention. the one hour was if i could tell my boss i know everything about this case. in other words, i know how they got in, i know who is infected

and by shutting this down i'm not losing any sorts of intelligence. there were case where is someone broke in and i looked at it and i can't tell how these guys got in. we better not shut this off because if i do i'm going lose the only source i have on how these guys got into the network. i would go to my boss and ask for an exception. luckily that happened less and less as we got better and better visibility around the network. sometimes figuring out what they stole took a lot of engineering. for example, we saw them begin to steal data, it is encrypted but now i have to have one of my anyone js figure out how to break the encryption. he disappears for two weeks and says here's what they took. as you get better, by the way, they get better.

they start to bring in their -- they replace the c-team with the b-team and then bring in the a- team. we've seen it escalate over the course of the years. >> that bring raises another point too. if you look at what verizon does and other companies, north of 90% of instrutions rely on known fixabilities vulnerabilities. that means we know about them, we know how to fix them but the bad guys are still getting in. we could plug more holes, then that's why the adversaries can use the their c and d-teams. if we force them to use their a- teams they have less of them and that would slow them down. >> there's a question, nobody has mentioned the critical role that employees have to play in combating cyber attacks.

raising employee's awareness is one of the most important responsibilities for c.f.o.'s. do you agree? >> i do.

>> there's no consensus on that. that's not a vote of the fomc. that's not a plan that's written down someplace? >> it represents the consensus of the fomc, yes. >> if you could just -- the question i was going to ask was, could you give us some information on substantial improvement? is that the unemployment rate coming down by itself to 7%, or are there other factors involved, and is it substantial compared to the fall? >> well, there are many factors that we look at when trying to judge the labor market. as you know, we look at participation, payrolls, a variety of other data. but the 7% unemployment rate is indicative of the kind of progress we'd like to make in order to be able to say that

we've reached substantial rogress. >> i'm from the "wall street journal." mr. chairman, there's an undercurrent of optimism in your forecast, in your statement, in the policy statement today. for instance, the unemployment rate forecast comes down to 6.5% to 6.8% next year. it's the case that the fed is overestimated the economy's growth rate. very often in the past during this recovery. we've gone through a period in the first half of the year with pretty subdued growth. i would like to hear you explain where this optimism comes from and how confident you are that these expectations are going to be met. >> well, the fundamentals look a little better to us. in particular, the housing sector, which has been a drag on growth sense the crisis is now obviously a support to

growth. it's not only creating construction jobs, but as house prices rice, increase household wealth, increase sentiment, state and local governments who have been a major drag are now coming to a position where they no longer have to lay off large numbers of workers. generally speaking, financial conditions are improving. the main drag, the main head winds of growth this year is, as you know, is the federal fiscal policy, which the c.b.o. estimates is something on the order 1 1/2 percentage points of growth. our judgment is given that very heavy head wind, the fact that the economy is still moving ahead at at least a moderate pace is indicative that the underlying factors are improving. and so we'll see how that evolves. obviously we haven't seen the full effect yesterday of the fiscal policy changes. we want to see how they evolve as they wet through the fiscal

impact, but we're hopeful, as you can see from the individual project projections. again, this is not an official forecast of the committee. we'll be very interested to see if the economy does pick up a bit and continue to reduce unemployment as we anticipate. i think one thing that's very important for me to say is that , if you draw the conclusion that i just said that our policies, that our purchases will end in the middle of next year, you've drawn the wrong conclusion, because our purchases are tied to what happens in the economy. and if the federal reserve makes the same error and we overestimate what's happening, then our policies will adjust to that. we are not -- we have no determined or fixed plan. rather, our policies are going to depend on this scenario coming through. if it doesn't come true, we'll adjust our policies to that. >> i'm from reuters. thank you, mr. chairman.

financial conditions have tightened in the past few weeks and bond yields have gone up, and they've gone up again today. why do you think that is? and could you talk about whether that rise in bond yields and interest, longer term interest rates, could affect your economic outlook? particularly given the mortgage rates are now back up above 4%, if that could affect the recovery underway in the housing market. >> it's a good question. yes, rates have come up some. that's in part due to more optimism, i think, about the economy. it's in part due to perceptions f the federal reserve. the forecast, the projections that participants submitted for this meeting and, of course, were done the last few days, they were done with full knowledge with what happened to financial conditions. rates have tightened some, but other factors have been more positive. increasing house prices, for example. i think as far as the housing markets are concerned, we're going to want to watch that, but one important difference

now is that people are more optimistic about housing. they expect house prices to continue to rise. we see that, for example, in a survey question in a michigan survey. and that, you know, compensates to some extent for a slightly higher mortgage rate. and in fact, in terms of monthly payments on an average house, the change in mortgage rates we've seen so far is not all that dramatic. so, yes, our forecasts or projections do factor that in. if interest rates go up for the right reasons, that is, both optimism about the economy and an accurate assessment of monetary policy, that's a good hing, not a bad thing. >> i'm from the "financial times." you've always argued that it's the stock of assets that the federal reserve holds which affects long-term interest rates.

how do you reconcile that with the very sharp rise in real interest rates that we've seen in recent weeks? and do you think the market is correctly interpreting what you think is most likely to be the future path of the federal reserve stock of assets? thank you. >> well, we were a little puzzled by that. it was bigger than can be explained, i think, by changes in the ultimate stock of asset purchases within reasonable ranges. so i think we have to conclude that there are other factors at work as well, including, again, some optimism about the economy, maybe some uncertainty arising. so i'm agreeing with you that it seems larger that can be explained by a changing view of monetary policy. it's difficult to judge whether the markets are in singe or not. generally speaking -- are in sync or not. generally speaking, i think

from what i've seen from analysts and market participants, it's not wildly dmpt from what the committee is thinking. as i tried today to communicate, i think the most important think i want to convey again is that it's important not to say this date, that date, this time. it's important to understand that our policies are economic dependent, and in particular, if financial conditions move in that make it unlikely, then that would be a rather for us to adjust our policy. >> thanks. i'm from "the washington post." on monday, president obama said in an interview that he believed that you had stayed in your position of chairman for longer than you wanted to and maybe longer than you were supposed to. can you agree with that assessment of your term, and can you update us on any conversations you've had with him about your future?

>> well, we just spent two days working on monetary policy issues, and i would like the discussions, questions here on policy. i don't have anything for you n my personal plans. >> greetings, mr. chairman. i'm from bloomberg. i'd like to push for a little deeper explanation on thresholds and triggers. >> sure. >> the forecast and the mysterious dots kind of don't map into the unemployment forecast. we see more gradual rate rise going out, people moving to the right, at least one person, on when they expect the rate to increase. and yet unemployment is going to fall to 6.5% in 2014. also note that labor force participation is in not great shape, and you, in fact, have been a big believer that a lot of the exit from the workforce is related to weak demand, not

structural factors. so here's my question. can you explain a little bit more, you know, -- maybe is the threshold too high? i'll point out that the vice chair and two other people who used to work here have done significant research on maybe you need to let the unemployment rate fall much lower to pull these people back into the labor force, so i'm wondering if you can expand on that. >> well, it's a great question, but what you pointed out, the difference between the little dots and the forecast actually illustrates the point, which is, remember, the 6.5% is a threshold, not a trigger. in other words, when we get to that point, we will then at that point begin to, you know, look at whether an increase in rates is appropriate. and among the things we would take into account, first of all, is inflation, and inflation is obviously very low and expected to stay low. secondly, we would be taking

into account does, that unemployment rate fairly represent in some state the labor market? as you pointed out, we have underemployment, part-time work, people leaving the labor force, reduced participation, long-term unemployment, a number of factors which suggest that maybe the 6.5% is a little bit not exactly representative of the state of labor market at that point. so first of all, since it is a threshold and not a trigger, we are entirely free to take all that into account before we begin the process of raising rates, and that's what the diagram suggests. people are saying that unemployment will be at 6.5% in late 2014 or early 2015, but they're saying that an increase in rates may not follow, but several quarters after that. in terms of adjusting the threshold, i think that's something that might happen. if it did happen, it would be to lower it, i'm sure, not to aise it.

>> following up on that, i understand the 6.5% is the threshold, but you just talked about a 7% line for asset purchases. it sounded less leak a threshold than a target. if you're at about that level, you'll start with them mid next year. it's very easy to imagine a situation in which we get to 7% without seeing the increase. the employment rate has been at the same level in three years now. has something changed about the value of asset purchases. why are you cutting them off before you see that? >> well, substantial is in the eye of the beholder. think going from 8.1% and a stagnant rate of improvement to 7% in stronger economic growth is a substantial increase. i think it's important to explain that, you know, we view ourselves as having two tools. one of them is rate policy, and that includes both setting the rate and providing guidance about future rates. that's the basic tool. that's the one that the federal

reserve and other central banks have used forever. asset purchases are a different kind of thing. they're uncombinational policy. they come with certain risks and certain uncertainties that are not necessarily associated with rate policy. our intent from the beginning, as i've been very clear, was to use asset purchases as a way of achieving some near-term momentum, get the economy moving forward into a sustainable recovery, and then essentially to allow the low interest rate policy to carry us through. let me just make two, i think, very important points. the first is our target is not 7%, 6.5%, our target is maximum employment, which according to our projections, most of the people on the committee think is somewhere between 5% and 6% unemployment, and that's what we're trying to get to. these are guide posts that tell you how we're going to be shifting the mechanics of our tools as we try to land the ship on, you know, in a smooth

ay on to the aircraft carrier. the other thing i wanted to say was that stopping asset purchases, when that happens, and i think we're still some distance from that happening, but when that happens, that won't involve ending the stimulus from asset purchases, because we're going to hold on to that portfolio, and if the stock theory of portfolio is correct, which we believe it is, holding all those securities off of the market and reinvesting and still keeping, you know, still rolling over, maturing securities, we'll still continue to put downward pressure on interest rates. and so between our commitments to low federal funds rate, the large portfolio, we will still be producing a very large amount of stimulus, in our view, now bring the economy smoothly towards full

employment without incuring nnecessary costs or risks. >> hi, chairman. i'm from the dow jones news wire. you in your statement before the press conference and in the policy statement acknowledge that inflation readings have been low, but you maintain that inflation -- longer term inflation expectations have remained stable. actually, certain bond market measures of these things have fallen in recent weeks. is that of any concern, and if not, why? bhaled you need to see -- what would you need to see for the competent to start being more concerned that longer term inflation expectations are, in fact, falling? >> well, this is something we watch very carefully. there are a number of, as i mentioned in the statement, a number of transitory factors that may be contributing to the very low inflation rate. for example, the effects of the is he quest other medical payments, the fact that

nonmarket prices are extraordinarily low right now, so these are some things that we expect to reverse, and we expect to see inflation come up a bit. but first, on inflation expectations, it is true that the break evens from the inflation-adjusted, inflation index bonds have come down. to this point, they still remain within the historical range we've seen over the past few years, and moreover, other measures of inflation expectations, be it forecast by policy forecasters, whether it's measures from firms or households, those are all still pretty much in the same places as they were. now, that being said, and as i said in my opening remarks, we don't take anything foregranted. and one of the preconditions for the policy path that i described is that inflation begins at least gradually to return towards our 2% objective. if that doesn't happen, we will

obviously have to take some measures to address that. and we are certainly determined to keep inflation not only -- we want to keep inflation near its objective, not only avoiding inflation that's too high, but we also want to avoid nflation that's too low. >> mr. chairman, peter cook with bloomberg television. given the volatility we've seen in the markets sense your comments of may 22, the lengths to which you are stressing the forward guidance here today, it does suggest that there are some out there you're worried are not getting your message right now. i'm wondering, to what extent do you think now that your exit strategy is going to be that much more challenging? i'm in the small period of time when you haven't done all that much, you've seen this kind of reaction. >> well, it is important for us to communicate. it's particularly important when we have an unusual economic situation where i

think the standard relationships are not applying in the way they have, where we're using unconventional tools, we're using forward guidance, so i guess i agree with you that our communication is going to be very important. we hope that -- again, the key point i tried to make today is that our policies are tied to how the outlook evolves, and that should provide some comfort to markets, because they will understand, i hope, providing l be whatever support is necessary. if the economy does not improve along the lines that we expect, we'll provide additional support. if financial conditions evolve in a way that's inconsistent with economic recovery, we will provide support. and in that way, we hope to increase confidence, both among market participants, but also among investors and private consumers and other people in the economy. but again, i mean, your point

is well taken that we are in a position where the simple adjustment by 25 basis points in the federal funds rate seems like a long ago experience, and we are in a more complex type of situation. but we are determined to be as clear as we can, and we hope hat you and your listeners and the markets will all be able to ollow what we're saying. >> next month will be the three-year anniversary of the dodd-frank act. as you know, there are a number of significant rule makings that have yet to be finalized, the volcker rule, sections 155, 156, and risk retention to name a few. can you provide us with an update on where we stand with the rule making? and also, are you still optimistic that we will see these rules completed by the nd of this year? >> it's certainly true it's

taken time to do these regulations. there are a number of reasons for that. first, they are inherently quite complicated. the volcker rule, for example, involves very subtle distinctions between hedging, market making and proprietary trading. second reason is that many of them involve multiple agencies, which have to coordinate, cooperate, and agree on language. i think the rule is six agencies are involved in making that rule. and the third fact, the third basic issue is we really have to do our homework. we have to get these right. that means having extended comment periods, getting lots of information from the public, and then, you know, reviewing those comments and doing all we can to make sure we're responsive to those many, many concerns and suggestions. so it does take time. i think it's a little unfire say only 30% of the rules have been completed, because most of the rules, even as they haven't been completed, are now very far advanced, and that's true

for the major rules. we are very close, for example, to completing basil 3. we have made a good bit of progress on the volcker rule, and i do anticipate that being done this year. we are making additional progress on our 165, 166 advisory rules on the capital surcharges. these are all things that will be coming relatively soon, at least during, you know, the current year, and, of course, once they are out there, then it will still take some time to be implemented for financial institutions to change their practices and so on and so on. i would also emphasize, though, that even as this is going on, we are not ignoring the health and safety of the banking system, for example. since 2009, we've been doing these very rigorous stress tests, which are part of the dodd-frank rules. and the amount of capital that u.s. banks hold has roughly

doubled, the largest banks, since 2009. and indeed, the largest banks now appear, most of them, either to be basil 3 compliant or pretty close to compliant. so we are working with the banks to ensure their safety, help them move in the directions that they know they're going to have to be going, even as the rules themselves are being finalized. so it's an ongoing process, but i expect to see, you know, more rapid completion, you know, going forward in the next few uarters. >> peter barnes, fox business. sir, one of the highlights of the kansas city fed conference in jackson hole every year are remarks by the chairman, you. you're not going this year. we've heard it's because you have a conflict in your personal schedule. some have taken that as a sign that you may not be staying on the job for another term.

could you comment on that? and could you offer, give us a little more explanation as to why you're not going to be in jackson hole for the first time? >> well, as i said, i'm not going to comment on my personal plans, but i will say this -- i think there's a perception that the jackson hole conference is a federal reserve, systemwide conference. it's not. it's a conference sponsored by one of the 12 reserve banks. every one of the 12 reserve banks has conferences, has meetings, and this is one i've gone to the most, probably of any reserve bank. i think it's not inappropriate go to different different conferences, dmpt meetings, and meet all the constituents i have at these reserve banks. that's one reason certainly. >> a number of your colleagues have reflect in the new projections, expect the unemployment rate to get down

to 6.5% next year, which is your threshold for considering raising the funds rate. and yet the fomc has also said that it expects to keep rates very accommodative for a considerable time after asset purchases and after the recovery has strengthened, and yet here we are, the middle of 2013, you have not even begun to scale back asset purchases. i mean, you partially addressed this, but could there be a conflict between, on the one hand, the asset purchase program, on the other hand, the funds rate guidance policy? could they conflict? could you, perhaps, elaborate? >> well, i certainly hope the unemployment rate comes down so fast that this becomes a problem. i guess i would point out a couple of things. one is that, of course, there's a range of estimates, and

they're all based on each individual's idea of optimal policy. the policy assumptions may not be the same. it's true that some are as low as 6.5%. but as i said in my earlier answer, that's a threshold, not a trigger. evidently if you look at the policy expectations that are given in the sigh gram, you'll see that the very strong majority of fomc participants still expect rates to be quite low at the end of 2015. that's not inconsistent, that's just saying people are looking at a variety of factors, including inflation, which is predicted to be quite low, and other perhaps labor market factors in thinking about when it will be appropriate to start ncreasing rates. >> thank you. i'm from cnn, cnn money. first of all, i should tell you that your analogy to landing the economy on an aircraft

carrier worried me a little bit . from personal experience, i find that it's always a little bit jarring to land on an aircraft carrier. but i wanted to talk about mortgage-backed securities. you mentioned during your comments here that, if i understood correctly, that you're not going to dispose of the mortgage-backed securities you have on the book during this period of normalization. i've heard many people on wall street and elsewhere say that right now the federal reserve is the market for mortgage-backed securities. that means that it's kind of a warped market right now. focused ondering how are you on mortgage-backed securities and this larger world market, which used to be a world market for mortgage-backed securities, and i guess what i'm saying, has the ground shifted from under us in terms of the mortgage-backed security world

on a permanent basis or at least for a very long-term basis because of the devastating nature of what appened a few years ago? >> we are still only a fraction of the total holdings of mortgage-backed securities, but ore relevant, as part of our assessment of our ongoing assessment of the potential costs of our very asset purchase programs, we pay very close attention to market functioning, and our assessment is the market is still quite a healthy market in terms of the spreads, in terms of execution times, in terms of the number of people on both sides of the market. there are reits now that are building up their portfolios. there are plenty of real money investors holding them. so, you know, if the market was really breaking down in some way, that would be a factor we'd have to take into account, but our asements, and, of course, we're in that market

quite a bit, so we have a lot of information about it, our assessment is that market is still working quite well and that our purchases are not disrupting the normal price discovery and liquidity functions of that market. i think that the events of five years ago obviously do have a big, long-term effect. there are bills in congress that would change, reform the g.s.e.'s, for example, and ultimately would change the market for mortgage-backed securities, perhaps increasing the amount of private placements or changing the whole institutional structure of that market. so we may end up holding some securities which are, in some sense, left over from a previous era at some point. but nevertheless, for the time being, they are the mortgage-backed security market. fannie and freddie are

basically it. we are, of course, legally allowed to buy and own those securities, and so we found it useful to do that, and we believe it's contributed to lower mortgage sandrates a stronger housing market. that's been our rationale. just, again, to come back to your question, we do not see any significant deterioration in market functioning. if there's things you can point us to, we'd be obviously very interested. >> in terms of the government backing through the g.s.e.'s of mortgage-backed securities, is there a concern, a legitimate concern, that without government backing of this market in some way, that because the private market ems to move with much more rapidity than government backing government purchases, that moving the government out of this backup role on mortgage-backed securities